Submitted URL: http://cripo.com.ua/
Effective URL: https://cripo.com.ua/
Submission: On September 20 via api from GB — Scanned from GB

Summary

This website contacted 56 IPs in 9 countries across 48 domains to perform 252 HTTP transactions. The main IP is 2606:4700:3037::ac43:d2da, located in United States and belongs to CLOUDFLARENET, US. The main domain is cripo.com.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 29th 2022. Valid for: a year.
This is the only time cripo.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 42 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f00... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
8 212.42.76.150 8856 (UKRNET Kiev)
9 2a00:1450:400... 15169 (GOOGLE)
9 136.243.84.74 24940 (HETZNER-AS)
1 193.239.68.97 39468 (BIGMIR-IN...)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 95.163.52.67 47764 (VK-AS)
1 2 104.18.3.81 13335 (CLOUDFLAR...)
4 81.19.89.18 24638 (RAMBLER-T...)
3 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
8 2a02:2638::3 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
2 34.98.67.61 15169 (GOOGLE)
2 35.227.252.103 15169 (GOOGLE)
2 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
5 142.250.184.226 15169 (GOOGLE)
2 2 104.18.19.126 13335 (CLOUDFLAR...)
2 2 104.111.215.191 16625 (AKAMAI-AS)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 178.250.2.146 44788 (ASN-CRITE...)
2 142.250.184.227 15169 (GOOGLE)
1 178.250.2.148 44788 (ASN-CRITE...)
1 2600:9000:214... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 178.250.0.139 44788 (ASN-CRITE...)
1 178.250.0.162 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3 104.96.132.42 16625 (AKAMAI-AS)
1 148.251.139.77 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.11.238.206 16509 (AMAZON-02)
1 18.66.147.120 16509 (AMAZON-02)
1 18.66.147.89 16509 (AMAZON-02)
2 18.134.23.117 16509 (AMAZON-02)
252 56
Apex Domain
Subdomains
Transfer
53 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
c4cc15f7cab4592d9b94c9aad88cda6b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
663 KB
42 cripo.com.ua
cripo.com.ua
766 KB
25 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
312 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 27692
ad4m.at — Cisco Umbrella Rank: 2111
assets.ad4m.at — Cisco Umbrella Rank: 34810
731 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com
169 KB
10 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
pix.eu.criteo.net — Cisco Umbrella Rank: 8383
csm.eu.criteo.net — Cisco Umbrella Rank: 8385
31 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
2 KB
9 rcvlink.com
go.rcvlink.com — Cisco Umbrella Rank: 64920
st11.rcvlink.com — Cisco Umbrella Rank: 81151
56 KB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9563
3 KB
7 fwdcdn.com
sinst.fwdcdn.com — Cisco Umbrella Rank: 200299
39 KB
6 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14670
ads.eu.criteo.com — Cisco Umbrella Rank: 8147
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10454
67 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
245 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
4 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
109 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 23027
api.webgains.io — Cisco Umbrella Rank: 59421
85 KB
3 rambler.ru
kraken.rambler.ru — Cisco Umbrella Rank: 28402
3 KB
3 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 10388
16 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 9081
www.google.de — Cisco Umbrella Rank: 6352
1 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16122
1 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1728
1 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 648
207 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1505
485 B
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
462 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 561
140 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 120642
static-de.ad4mat.net — Cisco Umbrella Rank: 157656
4 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3603
71 KB
2 i.ua
r.i.ua — Cisco Umbrella Rank: 161004
i.i.ua — Cisco Umbrella Rank: 479621
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
89 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 69591
85 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 48798
2 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 73156
657 B
1 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 20138
696 B
1 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 82540
518 B
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1495
752 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1423
296 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
459 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1020
463 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 748
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
9 KB
1 top100.ru
st.top100.ru — Cisco Umbrella Rank: 34736
31 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
645 B
1 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 150887
419 B
1 sinoptik.ua
sinoptik.ua — Cisco Umbrella Rank: 100475
941 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
42 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
0 yandex.ua Failed
mc.yandex.ua Failed
252 48
Domain Requested by
42 cripo.com.ua 1 redirects cripo.com.ua
37 tpc.googlesyndication.com cripo.com.ua
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
cripo.com.ua
googleads.g.doubleclick.net
15 pagead2.googlesyndication.com cripo.com.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
9 fonts.gstatic.com fonts.googleapis.com
8 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
8 mc.yandex.com 2 redirects cripo.com.ua
mc.yandex.ru
7 www.google.com 2 redirects cripo.com.ua
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 sinst.fwdcdn.com sinoptik.ua
sinst.fwdcdn.com
6 assets.ad4m.at as.ad4m.at
6 www.googletagservices.com cripo.com.ua
googleads.g.doubleclick.net
6 fonts.googleapis.com cripo.com.ua
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
5 cm.g.doubleclick.net googleads.g.doubleclick.net
cripo.com.ua
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 go.rcvlink.com cripo.com.ua
go.rcvlink.com
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 st11.rcvlink.com cripo.com.ua
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
cripo.com.ua
3 www.gstatic.com googleads.g.doubleclick.net
3 kraken.rambler.ru st.top100.ru
cripo.com.ua
3 top-fwz1.mail.ru cripo.com.ua
2 api.webgains.io analytics.webgains.io
2 www.awin1.com 2 redirects
2 p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com
2 e.dlx.addthis.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com googleads.g.doubleclick.net
2 rtb.openx.net googleads.g.doubleclick.net
2 odr.mookie1.com googleads.g.doubleclick.net
2 id.rlcdn.com googleads.g.doubleclick.net
2 gum.criteo.com 1 redirects static.criteo.net
2 mc.yandex.ru 1 redirects cripo.com.ua
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net cripo.com.ua
connect.facebook.net
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 track.webgains.com as.ad4m.at
1 www.conrad.de as.ad4m.at
1 www.zenaps.com 1 redirects
1 banner.congstar.de as.ad4m.at
1 csm.eu.criteo.net ads.eu.criteo.com
1 pix.eu.criteo.net ads.eu.criteo.com
1 static-de.ad4mat.net as.ad4m.at
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 mug.criteo.com cripo.com.ua
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net cripo.com.ua
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 static.xx.fbcdn.net www.facebook.com
1 www.google.de cripo.com.ua
1 c4cc15f7cab4592d9b94c9aad88cda6b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.facebook.com cripo.com.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 st.top100.ru cripo.com.ua
1 i.i.ua cripo.com.ua
1 r.i.ua 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 c.bigmir.net cripo.com.ua
1 sinoptik.ua cripo.com.ua
1 www.googletagmanager.com cripo.com.ua
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
0 mc.yandex.ua Failed cripo.com.ua
252 69

This site contains links to these domains. Also see Links.

Domain
sinoptik.ua
www.ukr.net
www.facebook.com
twitter.com
www.i.ua
top100.rambler.ru
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-29 -
2023-05-29
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-06-29 -
2022-09-27
3 months crt.sh
sinoptik.uk
Sectigo RSA Domain Validation Secure Server CA
2021-11-01 -
2022-12-01
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.rcvlink.com
Thawte RSA CA 2018
2021-10-01 -
2022-10-01
a year crt.sh
c.bigmir.net
R3
2022-08-07 -
2022-11-05
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.google.de
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018
2021-10-15 -
2022-11-15
a year crt.sh
*.top100.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-02-03 -
2023-02-14
a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2022-05-21 -
2022-10-31
5 months crt.sh
www.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
www.google.de
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-01 -
2022-11-30
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.rambler.ru
GlobalSign GCC R3 DV TLS CA 2020
2022-05-16 -
2023-05-06
a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-07-22 -
2022-10-19
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-03 -
2022-11-05
3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4
2022-08-16 -
2022-11-14
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-27 -
2022-11-22
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-24 -
2023-03-27
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-15 -
2023-04-15
a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-02 -
2022-11-01
3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-04 -
2023-02-03
a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-21 -
2022-11-23
3 months crt.sh
*.webgains.com
Amazon
2022-06-14 -
2023-07-13
a year crt.sh
*.webgains.io
Amazon
2022-08-23 -
2023-09-21
a year crt.sh
cdn.track.production.webgains.team
Amazon
2022-08-08 -
2023-09-06
a year crt.sh

This page contains 31 frames:

Primary Page: https://cripo.com.ua/
Frame ID: 86C8BBE133BC721AFFCE6666A5BFA757
Requests: 102 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/main.js
Frame ID: 8AEDF31CC3DF01B5C9CBAB53FC094144
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html
Frame ID: 759993916C02A3037DCC90E7818C9EE6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&adk=1812271804&adf=3025194257&lmt=1663635313&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcripo.com.ua%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600334&bpp=4&bdt=408&idt=338&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1988934572422&frm=20&pv=2&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=356
Frame ID: 36AC80DB0C4A02A97A88591E410989FF
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: EEE317C1AD07D32715794636CD922F90
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=600&slotname=5628921079&adk=805729957&adf=3339997147&pi=t.ma~as.5628921079&w=280&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600338&bpp=3&bdt=412&idt=361&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1MpEMCWzG8&p=https%3A//cripo.com.ua&dtd=369
Frame ID: 3DFE6A15AB4F1A9B21E11C6A332B3F97
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcripo.com.ua%2F&tabs&width=230&height=70&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=519720965151294
Frame ID: D734F12B3A635DEAD73BF0A27C80E412
Requests: 2 HTTP requests in this frame

Frame: https://c4cc15f7cab4592d9b94c9aad88cda6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6C6C5D987C7874CC5172FA4B8104AC8C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html
Frame ID: ED8182D733FCCD44812DE9BE303A8F51
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cj-xouDMpY6imNITH1fAPm_W72AimisnAbOXEy4GXEI2xluSSMRABIOuCxHVglaLxgZAHoAGyisGqAcgBCakCSq06kblSqT6oAwHIA0iqBPkBT9D12i4G47E6xF_-X-PxTSFTLWuobQaNzdUekpLawmvVnHarP92pA0pR2s4PxQDLKGT1q8q_n6p2nxxWuoBx7f8geUk-r2p2_qthdLJxIpk2EGKFXYiejVwN2R0yhlgsUgYkC3lqZtEqeBjSmeEzUAFDLlVuFY9--s6utlAvm9kTUsJVghLLmPfCwv_A38-wR4hVXEmAXyBwkN5nXwQR_OnYCaAYrNIH9I1ZJaec8nzKwe97stvcVmXY2Ug-ax4JDMFz1A1ECN65y9_AbuyNlbOv9iXqztz-hkym2RrKjg4OTvArAJwV6f01Mo1YjRD__ie_s_ecDtCVwATukPjzlASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDjuA3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi02ODY2ODgxNDk2NDk4MTE5GAA&sigh=TAwfHIwjdsw&uach_m=[UACH]&template_id=419
Frame ID: A8272EF88D472CB900A921042B9F7DE8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Frame ID: 658574680EA870962E99C762AF33F6AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Frame ID: AF7B88C2A45907D39039C7EDEE1DD4F8
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 4F86F294902984FFC08C341E533AF4A8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C7FD388F381D15981DEDB7409D2B2BE4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Frame ID: 533565628BED823B95440BEFFAEB846F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Frame ID: F40D10B68204CCF09BF51A942A715795
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Frame ID: FCF10FA494A9D3E387C1C4EDCAEA5D9B
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E0B79664AD75802C0DAD022E88E3AD84
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CFkaRuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBN4BT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGD9PR8Jp0fFLJ1tu6NAnUwThGmf2e9LmZpk4kAPVxJ1aP0ppDvbNgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY4NjY4ODE0OTY0OTgxMTkYAA&sigh=DEGh1Yb140o&uach_m=[UACH]&cid=CAQSOwCsnQUxXhvHLw7JjlNJFm9gUkveYagZFUdZErWUBki3bEjkCNlW0VnfVB24iebsu2oPtUDCs4DVsXCvGAE
Frame ID: 0762855868E8ED1A60EC13CED1CFC9BE
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gbtgqewvqjngbj9peyx9qky69g9hmnx5hkm84x22ee4c8tecg2mtqbkjt99wfxv59g3p1cxpwnq9w4aveb5ykqa0vdse0wbxa1xmkew7hrkjc2j0j5fjmrs6d7xh7rc8dg60j498d5pfr2ga3z8tc1b6azchwj66pqa49m4q8nwc1jwj2xysjdg53vbj8fkv6d8szx9k37fxweyjj7yx04x8dybrvp4ct00897p9mex0yf8fvn6wd7yp3k7nvhmgqgfztyegpfde87fh20z6j4hvb5mej38d2trftwke1kjpqbc0n2a6sv8j5atqmx2fb0yh8wkvpedj1y61enwyxae8py33gcq1vzdh6dnacafq7p0xx4e93rpnfeb3p4b2a616j0jndvhxten7h5e2069hmz4a8h6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%26client%3Dca-pub-6866881496498119%26adurl%3D
Frame ID: 0B3A34D4BAC2027077BAB66FE80DF9B1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C085FF228256E58B71B463026A4C5239
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cripo.com.ua
Frame ID: F87F29A7911E71688A42EBB68B7D5B76
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Frame ID: 8B66D418905E939127EA0D240989E765
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: ABCA4D1A1661508747E9426F66D7AD06
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0A89E369A9A2641E3FD0EA960F8D2927
Requests: 2 HTTP requests in this frame

Frame: https://p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 3EE4C46507BDBB8607B791178CCC58C1
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8CC752619FFF030C3B647D01EF4E4F8D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: 7ED48F8DBDCB879040620216AB873CC3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Frame ID: 04CB0D75252FE26B0ECFC8A97CFFC7C7
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34D9BFC3444016B5935A515B4D4F03DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D00677C71A0EA77DE3F498ADA656DD9
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

УКРАИНА КРИМИНАЛЬНАЯ - О чем не говорят вслух

Page URL History Show full URLs

  1. http://cripo.com.ua/ HTTP 301
    https://cripo.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

252
Requests

96 %
HTTPS

56 %
IPv6

48
Domains

69
Subdomains

56
IPs

9
Countries

3665 kB
Transfer

7596 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cripo.com.ua/ HTTP 301
    https://cripo.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://r.i.ua/s?u1959&p252&n0.28854086485339003&c1&d24&w1600&h1200&r/cripo.com.ua/ HTTP 302
  • https://i.i.ua/r/3_1_1.png
Request Chain 109
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9766.EgxOliSJL5ZxlXFARhdm4xXTA7R66KPKAVCvU1pFT8vplN8AFtbmRC3K1Lz2-230.olvROj9YZ7hHeHPZBhgUYut3KxE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9766.jQxVbu40dYHRBx_KlBUoteug8oBAAs5aiDcUIc6VMMftMlkMSVnimjdC7Br-6qfPpcSjXbwfhGxeGpTbYka67A%2C%2C.474byduHZlgQbUSuyBLhgXWbiMY%2C
Request Chain 162
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 175
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOdoT7zZqI1y97ZTB3qCKMA&google_cver=1&google_push=AZmPxg9fskVuazuW3q3oumE8inuNtP3aboyeDuXOH3AG8bJmu5DZjqTyHxN2RTWBMyIy5Z9n-J1yI7chiWuyyOPptLx7N5aUUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5TjFJUEItMUstMVIxMA==&google_push=AZmPxg9fskVuazuW3q3oumE8inuNtP3aboyeDuXOH3AG8bJmu5DZjqTyHxN2RTWBMyIy5Z9n-J1yI7chiWuyyOPptLx7N5aUUw
Request Chain 176
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJCAdbTh5ETdA69tGmVhfBA&google_cver=1&google_push=AZmPxg-9q6p5YCbeh9FfS-D0wKDw8ZgNfIGzoPViWLjxjUFolXk5vdSw93HJjKKbZO519lM7DtG3UowESXmaavfexT9i3i9N2Bs HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJCAdbTh5ETdA69tGmVhfBA&google_push=AZmPxg-9q6p5YCbeh9FfS-D0wKDw8ZgNfIGzoPViWLjxjUFolXk5vdSw93HJjKKbZO519lM7DtG3UowESXmaavfexT9i3i9N2Bs&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJCAdbTh5ETdA69tGmVhfBA&google_hm=Yykzuqd99oHM-06UxidcpwAABJoAAAAB&google_nid=index&google_push=AZmPxg-9q6p5YCbeh9FfS-D0wKDw8ZgNfIGzoPViWLjxjUFolXk5vdSw93HJjKKbZO519lM7DtG3UowESXmaavfexT9i3i9N2Bs
Request Chain 178
  • https://mc.yandex.com/watch/86497226?wmode=7&page-url=https%3A%2F%2Fcripo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A868134117630%3Ahid%3A752228079%3Az%3A0%3Ai%3A20220920033001%3Aet%3A1663644601%3Ac%3A1%3Arn%3A618600275%3Arqn%3A1%3Au%3A1663644601354618810%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663644599645%3Ads%3A0%2C93%2C73%2C15%2C113%2C0%2C%2C878%2C2%2C%2C%2C%2C1191%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663644602%3At%3A%D0%A3%D0%9A%D0%A0%D0%90%D0%98%D0%9D%D0%90%20%D0%9A%D0%A0%D0%98%D0%9C%D0%98%D0%9D%D0%90%D0%9B%D0%AC%D0%9D%D0%90%D0%AF%20-%20%D0%9E%20%D1%87%D0%B5%D0%BC%20%D0%BD%D0%B5%20%D0%B3%D0%BE%D0%B2%D0%BE%D1%80%D1%8F%D1%82%20%D0%B2%D1%81%D0%BB%D1%83%D1%85&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/86497226/1?wmode=7&page-url=https%3A%2F%2Fcripo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A868134117630%3Ahid%3A752228079%3Az%3A0%3Ai%3A20220920033001%3Aet%3A1663644601%3Ac%3A1%3Arn%3A618600275%3Arqn%3A1%3Au%3A1663644601354618810%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663644599645%3Ads%3A0%2C93%2C73%2C15%2C113%2C0%2C%2C878%2C2%2C%2C%2C%2C1191%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663644602%3At%3A%D0%A3%D0%9A%D0%A0%D0%90%D0%98%D0%9D%D0%90%20%D0%9A%D0%A0%D0%98%D0%9C%D0%98%D0%9D%D0%90%D0%9B%D0%AC%D0%9D%D0%90%D0%AF%20-%20%D0%9E%20%D1%87%D0%B5%D0%BC%20%D0%BD%D0%B5%20%D0%B3%D0%BE%D0%B2%D0%BE%D1%80%D1%8F%D1%82%20%D0%B2%D1%81%D0%BB%D1%83%D1%85&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Request Chain 191
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_QRAtYkIAZtvY46evGOkQ5ePS0KVpC3b_gLcYJENfFIxsx4Wb_oA28_zU7rb9HoJKlT3jKhqB1qOJhOngHukwYbhOXBoG4&google_gid=CAESEF7k9-P8jvJo_tmiXfJ6e_8&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_QRAtYkIAZtvY46evGOkQ5ePS0KVpC3b_gLcYJENfFIxsx4Wb_oA28_zU7rb9HoJKlT3jKhqB1qOJhOngHukwYbhOXBoG4&google_gid=CAESEF7k9-P8jvJo_tmiXfJ6e_8&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjAwMzMwMDIwMDAxNTU4OTQ1NTg2OQ%3D%3D&google_push=AZmPxg_QRAtYkIAZtvY46evGOkQ5ePS0KVpC3b_gLcYJENfFIxsx4Wb_oA28_zU7rb9HoJKlT3jKhqB1qOJhOngHukwYbhOXBoG4
Request Chain 200
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=cripo.com.ua&sn=ChromeSyncframe&so=0&topUrl=cripo.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=9BIsF3xleXhQUk9kRFY2Q2VQQ0swVWRyd0pQaWs3M3VDd1JhSkphQ0J5bllqSUFrTzljZFlaQml0M1FVeE1pbFlDSUlnV1N4UE1raFhVc0pjNVFEZWU1b3dBWEh4RHRWcVllbWcybG5ON3lvL08zRnFWODJqREUrNWtHOW9QVXRzVmQwNGhvMys4WVdFTk50bDBIejVsUHR4ZFB0YVNSTExpamE0dkRPbXliYk1oVEwzSGVMR0k2dWRJQnNHYkNSb3V6dHJmUkhGaUd0U0ZjbTNlejA2blEzRWI5Ujh6T2NRV0I3ZjV2ZHRObmQ1WjRUWGJVQUR1cTFGMlNiSlFTSi9tNmJDZ3d6djNySjVZZ1RvWjdnUEFsVTBwQT09fA&cppv=2
Request Chain 213
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 236
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663644603_83d1e680-3894-11ed-b2a7-22665d867147
Request Chain 241
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=83d20d90-3894-11ed-bcc2-2261f6323861&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1663644603_83d20d90-3894-11ed-bcc2-2261f6323861&insert=AW&&gdpr=0&gdpr_consent=

252 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cripo.com.ua/
Redirect Chain
  • http://cripo.com.ua/
  • https://cripo.com.ua/
207 KB
58 KB
Document
General
Full URL
https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f26f86b01471869ef323ffd41a98d4561975d524a1c45818300ec6d89b99daf4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
6324
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74d77add3b0476e1-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 03:29:59 GMT
last-modified
Tue, 20 Sep 2022 00:55:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUV7BC1jSY%2FavRZg%2FojqugYjCU3Rsbow4TUTO5SJardRGEJB84M2%2BVUKXVZ%2FOEcb1GcBzbQGh%2Fbx6ATghpmYhZA8Tgv%2BOpb7NaDQFyOv0QyQOQVtKmZaZ3fHUhCL54%2BCAC6Ov2HId6gf65A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000

Redirect headers

CF-RAY
74d77adc483775ad-LHR
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 20 Sep 2022 03:29:59 GMT
Expires
Tue, 20 Sep 2022 04:29:59 GMT
Location
https://cripo.com.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRKES2jqpGUDrjfxJMMCHDYDrfcjNeHuQBXHDIqCEbpCbiVT4BhzVz%2BY3p5scyMM5FfBo1fnqLLY0EUs58HsIvgoCg9%2FXOrI9HxDST9h1vT14ppJKAnj2sogmHNvdOxo8oOU12gRsQnHAck%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/
106 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3950698-1
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d52e9f8340096981f73fdc65d947526ea068bde2028d337d6a851b1e9c59b448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42288
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Sep 2022 03:30:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
168 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9af11a37fd6c3c92a3a2f6fff785629f76cb68f87a7d0522d2ebce5792fdbf81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58072
x-xss-protection
0
server
cafe
etag
12120927476975245763
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:30:00 GMT
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300italic,300,400italic,700&subset=latin,cyrillic-ext
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a034061196a92b75b0900de7d7528fa6663d0364ff090af88e1d81a9029c557
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 03:30:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 20 Sep 2022 03:30:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Sep 2022 03:30:00 GMT
style.min.css
cripo.com.ua/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://cripo.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:29:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
505799
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 03:49:26 GMT
server
cloudflare
etag
W/"62ce40c6-15b64"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G6F9ykgob%2BuKzs%2B%2F3t0F1otckyMFJmcHO%2B6INJLBVcekkFhZgsApU6hhAeDjA9PjfUCnTMoaE4gtzo4IURVEAgmJjNLeKVuUhy5lJCdAJCFPcYxJqcktjloclRCtD0fwgJ7gAuCCD4Pq88%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
74d77addbb4b76e1-LHR
expires
Tue, 20 Sep 2022 14:47:42 GMT
blocks.style.build.css
cripo.com.ua/wp-content/cache/min/1/wp-content/plugins/block-gallery/dist/
33 KB
5 KB
Stylesheet
General
Full URL
https://cripo.com.ua/wp-content/cache/min/1/wp-content/plugins/block-gallery/dist/blocks.style.build.css?ver=1660001800
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c486ffc0510a5d3933862fa223b0c7a1086aacbb5974df77e1c373e733b8364d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:29:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 08 Aug 2022 23:36:40 GMT
server
cloudflare
etag
W/"62f19e08-842a"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGc%2BHDiVVONLZnge8rCXKu%2BWQBJ1Anxu%2Fwx5GXy7PFDAd0s6W5ZUwGWoHQFOgdMHuPlZG4Wc7cGqYT%2FNwjFr5WkrQH%2Bao9FyBCQUVJwX%2FD7b7QH2ymdvMAs23D3tKQQimfgtk976Yg1QGdM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
74d77addbb4c76e1-LHR
expires
Mon, 19 Sep 2022 21:27:52 GMT
styles.css
cripo.com.ua/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://cripo.com.ua/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=1660001800
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ef6ebd6eb1681f764ebaaca655e0fb590967176f2df5b3fd9e67e1bd525ebe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:29:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
510643
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 08 Aug 2022 23:36:40 GMT
server
cloudflare
etag
W/"62f19e08-8bd"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laKtijhvW5CNibTxwhkwl7%2F6AmeRPGaciEFVrB2%2FPWOoor%2BGejxSoD4n4cdpCt%2Ffaewgxv4ofaBQ0n3qVugEr7SIBynFwh5mvP0LnW11jIFa0muNLqlPtK6ZH4hRPRPm0JRMnEY45iFbXW8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
74d77addbb4d76e1-LHR
expires
Wed, 21 Sep 2022 03:34:42 GMT
imagelightbox.min.css
cripo.com.ua/wp-content/plugins/responsive-lightbox/assets/imagelightbox/
83 B
449 B
Stylesheet
General
Full URL
https://cripo.com.ua/wp-content/plugins/responsive-lightbox/assets/imagelightbox/imagelightbox.min.css?ver=2.4.1
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2801bf17304ea0c05b50af0c2adefd7953b93b6f5b4f1419c145126e6daebc9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:29:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207580
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 25 Jun 2022 10:56:38 GMT
server
cloudflare
etag
W/"62b6e9e6-53"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMI8jNbvux6UYDgUTKiTA4kFIqCEp0xPMmZ4Lgk0WbJxqUHT6mnPCLKNDSZZjTsaX44ZAxgRFfvedtt14uK5DqsF3cOwfriclxVBPILBkKe2aC7R0vCCJtYcXOW2oXysd5cM2%2F0tmE7PoKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
74d77addbb4e76e1-LHR
expires
Fri, 23 Sep 2022 19:38:05 GMT
main.min.css
cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/
89 KB
18 KB
Stylesheet
General
Full URL
https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/main.min.css?ver=1660001800
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c988ac9fd0c8a272e5affd027eb2a0d6177b195ac8a1a70adc1f7edc63943e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:29:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
150864
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 08 Aug 2022 23:36:40 GMT
server
cloudflare
etag
W/"62f19e08-163a3"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ych7CTZkZcVQwbL3EPuUH4OwYxXz9Cep0RRY2QzViuIg6x207sfmeq%2FJX3FFGNqQyQ9O1wANxEFpsE8naeY%2F0CtTl7ImZHvkQ5VQCvr9mc5hpGjPm3isIOBlzcPf7rH1rDtORc6LtiyzvBU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
74d77addbb4f76e1-LHR
expires
Sun, 25 Sep 2022 08:13:03 GMT
font-awesome.min.css
cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/
34 KB
8 KB
Stylesheet
General
Full URL
https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/font-awesome.min.css?ver=1660001800
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e794bd981fffa3ee68b3d2b7401af61390b1cf15cc40780ccf01624c75e65c21
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:29:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 08 Aug 2022 23:36:40 GMT
server
cloudflare
etag
W/"62f19e08-8861"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FGYuijikb7MAtNenuEnnmEpvicsj%2B2MPuDQ5%2Bp%2F91lxGJR5TtGIP%2B5IQ9%2F2Ww9yqDu8FfGRqbQJFjB9A0bese63dj2THV3zKIo8Fh5n6WtZHzqLD56wfLOKd1Hgbwr2lLFFGFU0sZW6Bcc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
74d77addbb5076e1-LHR
expires
Tue, 20 Sep 2022 00:02:05 GMT
sphinxsearch.css
cripo.com.ua/wp-content/cache/min/1/wp-content/plugins/wordpress-sphinx-plugin/templates/
328 B
547 B
Stylesheet
General
Full URL
https://cripo.com.ua/wp-content/cache/min/1/wp-content/plugins/wordpress-sphinx-plugin/templates/sphinxsearch.css?ver=1660001800
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fc789e1449dfbf30b50b834d0e723bd180b207f249a77296bd2850d68b97b13
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:29:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
443312
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 08 Aug 2022 23:36:40 GMT
server
cloudflare
etag
W/"62f19e08-148"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9xakePNOsJ3MMgDx53vhAq7DbIcAKRqXcoOfsdLgVH7Lj3nqQzC34LKVhYlalKROQdUpEXrDYEj72ZSDD5NiQAgSgUe3klqTrfRJLpiqLusdMNnlzDwtz%2B16J0We%2B1mXmdjkJueZ0NjNpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
74d77addbb5176e1-LHR
expires
Wed, 21 Sep 2022 04:32:06 GMT
jquery.min.js
cripo.com.ua/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://cripo.com.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:29:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
319608
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 21 Jul 2021 22:58:13 GMT
server
cloudflare
etag
W/"60f8a685-15db1"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJ%2BK%2Fv2aoxk1yBJ6fqVVVsUM274gvMSwyVWg9UKXvY5NoGofSrGPNVMHY2VtGYzJSzy7GVf%2BRLwQT74bVISbGuMNUc%2Bc3oDXWgYjJjIKXJmfCbCLWse2BQjmrjBTlgJNhlxVOMtswPX5bnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
74d77addbb5276e1-LHR
expires
Thu, 22 Sep 2022 21:08:35 GMT
jquery-migrate.min.js
cripo.com.ua/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://cripo.com.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
421799
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 09 Dec 2020 23:27:54 GMT
server
cloudflare
etag
W/"5fd15d7a-2bd8"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CL3GDUQ3wtipDXrSzqSH4oFPCdtLIipMcNw2tPhHookqMm1azyqupRIHMCaen%2BOKEllPnTwys0h58Qm9FsWP0YfNUmEMRUOzXj6krdOI9lwFX3k9p5QTdMOQdhdJ5OGg592e6u1qBRGVXxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
74d77adee869889e-LHR
expires
Wed, 21 Sep 2022 18:09:31 GMT
imagelightbox.min.js
cripo.com.ua/wp-content/plugins/responsive-lightbox/assets/imagelightbox/
4 KB
2 KB
Script
General
Full URL
https://cripo.com.ua/wp-content/plugins/responsive-lightbox/assets/imagelightbox/imagelightbox.min.js?ver=2.4.1
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8b6c000b75872a412d566f65e3e36c99361760afa96b8c9ed9f6aea16440f25
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205804
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 25 Jun 2022 10:56:38 GMT
server
cloudflare
etag
W/"62b6e9e6-110e"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HP8LBkhzdCB6ONcGCCu96UU1HP%2FQsJFtVFV5JQWH2DrpD3oomWO75wHvm0U0cuU04m%2FCuCbiLBzzZsOMO7e7sOqqusKfp86gPLpATBt57jefNnrlXdat8kWdVpf88g5KP0DShqUPNTtrtzU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
74d77adee86b889e-LHR
expires
Sat, 24 Sep 2022 15:04:36 GMT
underscore.min.js
cripo.com.ua/wp-includes/js/
18 KB
8 KB
Script
General
Full URL
https://cripo.com.ua/wp-includes/js/underscore.min.js?ver=1.13.3
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415473
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 25 May 2022 23:31:25 GMT
server
cloudflare
etag
W/"628ebc4d-49df"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45L3feWl1VVge1eTtPHfcP8fbwIlJR62ATHggjEsrBWYnBZwcEbJH9mQN08YDMcZB2MCszWYHMJsGHQ2QkIsIDcP92j2nRWBfQ3G0%2BB2JHdCC7J0qxVaaVOBuHXD13het04I7RnhrTYWCf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
74d77adee86c889e-LHR
expires
Wed, 21 Sep 2022 18:09:31 GMT
infinite-scroll.pkgd.min.js
cripo.com.ua/wp-content/plugins/responsive-lightbox/assets/infinitescroll/
22 KB
7 KB
Script
General
Full URL
https://cripo.com.ua/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.0.2
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
502941
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 25 Jun 2022 10:56:38 GMT
server
cloudflare
etag
W/"62b6e9e6-581b"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXfSh2wBAVrs72hcNdNm%2F5N0vBwubfhCXtvFLPl%2BjppYtjNKv1MEatJ4bFO0FqvQ4pGpq5EGzaap4JrjYVH%2F%2F16eAuab8VtBd3UM4K3XSAnBVim6N69H3BIzdg8JhqzJR6Wh29IgUYXRysk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
74d77adee86d889e-LHR
expires
Tue, 20 Sep 2022 13:26:26 GMT
front.js
cripo.com.ua/wp-content/plugins/responsive-lightbox/js/
27 KB
6 KB
Script
General
Full URL
https://cripo.com.ua/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.4.1
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60e1e742032df2f87ac2a39ed149f3a1deb14f85de5bbd1be5eb487237954348
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205804
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 25 Jun 2022 10:56:38 GMT
server
cloudflare
etag
W/"62b6e9e6-6d18"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXuPf29%2BDRjAsoWwYIMQQNCrs6EwxH3%2FswqKKidt0uHPDWAfC%2FSkX1K2651c4JagVVJcVlX6OpkfAI4HGuglwaZx%2BOwHZV8CRoMZokBg8thl7CUsJTmUBrQwvm7qrN0p4YV8mOz5j2l0Gto%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
74d77adee86e889e-LHR
expires
Fri, 23 Sep 2022 19:38:05 GMT
mobile-detect.min.js
cripo.com.ua/wp-content/themes/cripo/assets/front/js/libs/
37 KB
16 KB
Script
General
Full URL
https://cripo.com.ua/wp-content/themes/cripo/assets/front/js/libs/mobile-detect.min.js?ver=6.0.2
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e22afffaeb2ebee859d3de23029aca228b10f5a905d2b93f73e998275db85f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
501390
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 22 Sep 2018 21:10:35 GMT
server
cloudflare
etag
W/"5ba6afcb-939b"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFYLnaY65qBWapFg0ZeR%2F8Lel8xNXCiNablLP2NkIZG7SdpgvjFZMlu1y5fcirDhLJ4GCrn%2BmFS6nUKHc22t5PRCNuZEtKXa00WGxVE2XxwmNW9YE1ydhOkao6TZhQCMOGKE%2BHVLrOfuuWg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
74d77adee86f889e-LHR
expires
Tue, 20 Sep 2022 15:03:17 GMT
jquery.flexslider.min.js
cripo.com.ua/wp-content/themes/cripo/assets/front/js/libs/
22 KB
7 KB
Script
General
Full URL
https://cripo.com.ua/wp-content/themes/cripo/assets/front/js/libs/jquery.flexslider.min.js?ver=6.0.2
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f210248157545b87cc05b38b166eb398bd8a5e5795f3c7eaecd683e535d5922c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6190
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 22 Sep 2018 21:10:35 GMT
server
cloudflare
etag
W/"5ba6afcb-58d1"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGHAKI9tNPFlZRxhWv7%2BAZsptuRV6FqVthpxq9FTAlYTkBW8RYw2esCF1vssfLKtITYp0zVr6Eyqe72R4jkVCcWrkkK3Ci9Svgr8qsDySW0UTT9W8K2CKzYUIFCa0snZWcOxfZX3n8W7SCg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
74d77adee870889e-LHR
expires
Mon, 26 Sep 2022 17:34:01 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
43d1db47c32098848e3f6a32a39d8f50a9e91a25d4e5ba8f63daba275e6557d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cripo.com.ua/
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
qqXmR+Zit3GVjgO3nnLdUA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
VB4GWptdNKcw4jQJJvqXFvS8GL5iOY8USDbE9WXTpsHytwIo1C5kA8VR0Qm/ExZY6tjGLG/8PUvtWxLACII8RQ==
x-fb-trip-id
2050670934
x-fb-content-md5
916eb4e1bd69ff9892d0a940d7867a72
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"162375cd139004ab2a0c4813cbeabc78"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 20 Sep 2022 03:37:23 GMT
gpt.js
www.googletagservices.com/tag/js/
81 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c0903e672ee977de66abaaa4902a7653d4aa0f72c2039071288e19c0e0cc45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27884
x-xss-protection
0
server
sffe
etag
"1339 / 568 of 1000 / last-modified: 1663625460"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 20 Sep 2022 03:30:00 GMT
informers_js.php
sinoptik.ua/
2 KB
941 B
Script
General
Full URL
https://sinoptik.ua/informers_js.php?title=3&wind=2&cities=303010783,303018950,303014487&lang=ru
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
ce6c3dfb0967b3e42954ec52e624e51c001f0bdec4d9d42dd40f6d2b010f9d25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-store, no-cache, must-revalidate
date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
gzip
x-server-by
sinfe1
server
nginx
vary
Accept-Encoding
content-type
application/json
cache-control
must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=31536000; includeSubDomains
expires
0
email-decode.min.js
cripo.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://cripo.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Sep 2022 13:38:19 GMT
server
cloudflare
etag
W/"63232acb-4d7"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQujTGb77WqDICi%2BAeQaaQo3eT3qPV8KKkiDcEeg5CbUUOmhwh41PqS3VDMTU7EAsiFM7Bdr%2FK6SW5dWfkltu6YHDH0T6iDppvoLrYMVsE0tQ803XZvfJF0MWVYhigpEaxaaN7VS1aFT7mo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74d77adddb6b76e1-LHR
vary
Accept-Encoding
expires
Thu, 22 Sep 2022 03:29:59 GMT
index.js
cripo.com.ua/wp-content/plugins/contact-form-7/includes/swv/js/
9 KB
3 KB
Script
General
Full URL
https://cripo.com.ua/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 06 Sep 2022 00:49:58 GMT
server
cloudflare
etag
W/"63169936-25d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0wJwHFziN27eRX64NwZ8PmdMn3EsdRtTZXtpX400dSyYzlRH3MIFtpLZvhHvStCUeQM9%2FBlkz20kGyzgM8THimh8on22qmsP7yboUL4%2BDVr2RrJgiJH%2BXgeX%2BggFMLhHvw5GmjiVCFYR8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000
cf-ray
74d77adee871889e-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 26 Sep 2022 13:08:54 GMT
index.js
cripo.com.ua/wp-content/plugins/contact-form-7/includes/js/
12 KB
4 KB
Script
General
Full URL
https://cripo.com.ua/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 06 Sep 2022 00:49:58 GMT
server
cloudflare
etag
W/"63169936-2fb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cr7%2FJItH9%2ByVChJDStgZvGeVSRrWZ7DPObawarcZikwC5T6Slz4n9j56ksWFJBse1LDnEm4iDMAn74iZlxbitHzSuZq4JASXfgvLswP3awxPZ3pPiFo3YMbqXnTiIIIcdr9K1cFkV7A5qxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000
cf-ray
74d77adee874889e-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 26 Sep 2022 08:23:43 GMT
scripts_1-0-3.js
cripo.com.ua/wp-content/plugins/news-ticker-benaceur/style-anim/inc/
73 KB
18 KB
Script
General
Full URL
https://cripo.com.ua/wp-content/plugins/news-ticker-benaceur/style-anim/inc/scripts_1-0-3.js?ver=1.0.2
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee43cd8989e72cae9123bb66e2d229ced30da9bf271bf682b321bcecf4f2e01e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
328873
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 14 Apr 2022 22:02:20 GMT
server
cloudflare
etag
W/"625899ec-122ef"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fajYFzmc%2F%2FDYFTZyd1TQdWvrnG2b9Z%2Fu4I4j%2F81c8em3DNqUUi3%2F2XMjhbs7nlcb3hWni94PMa56QWQILbto%2BbvONu7y48oeoPfr6%2BGOMKyejxcqqCzMVid67EjDpTvPLQdcz0nhcUo7TE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
74d77adee875889e-LHR
expires
Thu, 22 Sep 2022 19:33:20 GMT
scripts.min.js
cripo.com.ua/wp-content/themes/cripo/assets/front/js/
83 KB
25 KB
Script
General
Full URL
https://cripo.com.ua/wp-content/themes/cripo/assets/front/js/scripts.min.js?ver=v1.3
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b10852e6b7448dbd73eed91845674c0db1a9a7ee23c3fd3f494a2c422d7cdbe2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
466462
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 22 Sep 2018 21:10:35 GMT
server
cloudflare
etag
W/"5ba6afcb-14b93"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3FTN10KRpJ5qq0czK5GHCd1JgdkZYHhJCiby%2FarY1qvzE2Spd0aqx5%2B9mPjlU7n3bN1bqV%2Fj6jT5Dv3%2FatZy8%2FcNKJeWdV6w%2Fd7zMNJjY3LSdwFPtomcLeRAtJRMrxEzFCmH3M4RDFHg%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
74d77adee878889e-LHR
expires
Wed, 21 Sep 2022 16:49:54 GMT
lazyload.min.js
cripo.com.ua/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/
8 KB
3 KB
Script
General
Full URL
https://cripo.com.ua/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
319590
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 19 May 2022 22:37:23 GMT
server
cloudflare
etag
W/"6286c6a3-1ed2"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMPFsSvIOLEdLR%2B6kSNYpC73ulm6tLK7KWmzHX9Eq1uIVsTZ44AMn09YK0vtRLaFRBG6xJa5f%2FTE4rFK3IUwmRmdGc%2Fr%2FZi4%2FiQ4AXM3TdsEo79pyE4iYZHSuXKlsBNktiLvzqQ3FYrg37E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
74d77adee879889e-LHR
expires
Thu, 22 Sep 2022 13:46:48 GMT
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
951a26fa91dbd08b27f272212dcd15550b88090ef63191e9e9824b3b8c2cb194

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300italic,300,400italic,700&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 22:41:31 GMT
x-content-type-options
nosniff
age
535709
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9692
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:44:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:41:31 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300italic,300,400italic,700&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 08:45:21 GMT
x-content-type-options
nosniff
age
585879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 08:45:21 GMT
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ace8e55eea47859364b4a2a7196c07565c09b48210b2744ed6ecc0475c2c97d9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
s-right-s2.png
cripo.com.ua/wp-content/themes/cripo/assets/front/img/sidebar/
74 B
603 B
Image
General
Full URL
https://cripo.com.ua/wp-content/themes/cripo/assets/front/img/sidebar/s-right-s2.png
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/main.min.css?ver=1660001800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc0cabd52e86caf0a51e8bd639b9df3a721fb57f439f7ddd3cd64502b67c578
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/main.min.css?ver=1660001800
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205441
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74
last-modified
Sat, 22 Sep 2018 21:10:34 GMT
server
cloudflare
etag
"5ba6afca-4a"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ct8iilgUKkU%2BEFJnulrgOZw7ipsCAelwFlld0ZCyCz6dmHY73E0ObNmNhnDcQuBL3uDOHdFmYZI%2F3Xs64SkHTGGq%2BtnKgSWA3Kq8VgRVCQ0ffokasqeQ7qpbxuuf1iW8y3KxnlVuHUd1vdM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77adf088a889e-LHR
expires
Sat, 24 Sep 2022 13:58:06 GMT
s-left.png
cripo.com.ua/wp-content/themes/cripo/assets/front/img/sidebar/
76 B
610 B
Image
General
Full URL
https://cripo.com.ua/wp-content/themes/cripo/assets/front/img/sidebar/s-left.png
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/main.min.css?ver=1660001800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80770517ccc4f80563fbf11a0a8ace35fd89a2e276dc090c23b73b16e157fa8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/main.min.css?ver=1660001800
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
328873
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76
last-modified
Sat, 22 Sep 2018 21:10:34 GMT
server
cloudflare
etag
"5ba6afca-4c"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrttC3Yd6sgyQrE%2BqsbNA87MHPGHYIAjrQO2xBQ8AKbqqvlSiiVMFmHCLoOMV9UVMJgjle2RN9b4CZOexQZqmNS%2FifcbqO9QPZy0CArL4sOGmoz9JRtbuS%2FVOf0bnyJHxPhnTEjIJ%2BHS%2BBc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77adf088b889e-LHR
expires
Thu, 22 Sep 2022 19:33:21 GMT
fa-solid-900.woff2
cripo.com.ua/wp-content/themes/cripo/assets/front/webfonts/
36 KB
36 KB
Font
General
Full URL
https://cripo.com.ua/wp-content/themes/cripo/assets/front/webfonts/fa-solid-900.woff2
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/font-awesome.min.css?ver=1660001800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c1398670a1fabd16ce06d8e7e4f4c113a5e6bb1e89fcbab5cd8ded8cdb95f8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/font-awesome.min.css?ver=1660001800
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
268712
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36772
last-modified
Sat, 22 Sep 2018 21:10:35 GMT
server
cloudflare
etag
"5ba6afcb-8fa4"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCRB4Wk5CPmWDynLMnoyeuNKLKI%2FSVHmZ5dSvpjTqPFtTBlM%2Bsy6xPNN4rKCpbK2jo1SV3IuJN7NrkHZBGhSC7HbwGLWyJRgPmRApja57Ur2Tthyts4EeQ%2Bjtlmgw9SbgeyVuWOL064W9lM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77adf088d889e-LHR
expires
Fri, 23 Sep 2022 10:16:43 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300italic,300,400italic,700&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 23:09:50 GMT
x-content-type-options
nosniff
age
15610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 23:09:50 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300italic,300,400italic,700&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad7b38d9f963e0eb028bda9b8394ccd0077fc06bf69fe02675943b2f9ff0e555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 22:41:40 GMT
x-content-type-options
nosniff
age
535700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9592
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:41:40 GMT
cvk-2-720x340.jpg
cripo.com.ua/wp-content/uploads/
83 KB
84 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/uploads/cvk-2-720x340.jpg
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021d98c8bc6675e473a27c790d9300804714d543c7575cfecd984879b7be2a5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6189
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85266
last-modified
Mon, 19 Sep 2022 23:08:28 GMT
server
cloudflare
etag
"6328f66c-14d12"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b72oFhrAAUw1UUXzlVKXGsYs0%2Be4fDkHKsU%2BTwxnGy1iT8pLgS3fM%2B1Ena5SrZsHpdmJgQzGtKdxA9O35a6KOgls0uoxf9Zkd1VZOD5R225Cqhr2aCKKgXqrfRlKYWEw2OSY4t%2FAOQkPWK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77adf38ac889e-LHR
expires
Mon, 26 Sep 2022 23:38:42 GMT
fa-regular-400.woff2
cripo.com.ua/wp-content/themes/cripo/assets/front/webfonts/
12 KB
12 KB
Font
General
Full URL
https://cripo.com.ua/wp-content/themes/cripo/assets/front/webfonts/fa-regular-400.woff2
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/font-awesome.min.css?ver=1660001800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d799704b0a38edb781472fd351fb6adb4a28bac0a74601d821930a6330f476f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/font-awesome.min.css?ver=1660001800
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16253
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12228
last-modified
Sat, 22 Sep 2018 21:10:35 GMT
server
cloudflare
etag
"5ba6afcb-2fc4"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eadBF23cvzjyy%2F5Bu4Nl40RjfKdThOOkxk6HLjQzgQXdxza701aifLdRIzva%2BsgpGqQvJGO%2BhuBCfzLXx6S2hxFkbMrYX30sBQAm73bRMxUNuGtadkbjHBZnsbjm1UZ1M4CxvlzaswgkvD8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77adf48b6889e-LHR
expires
Mon, 26 Sep 2022 09:26:34 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300italic,300,400italic,700&subset=latin,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 08:45:52 GMT
x-content-type-options
nosniff
age
585848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11816
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:52:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 08:45:52 GMT
main.js
go.rcvlink.com/static/ Frame 8AED
6 KB
3 KB
Script
General
Full URL
https://go.rcvlink.com/static/main.js
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
d396df02b5d1618cfdcca3c3bb68241ce7ced903cd5d3a50604b51821bee86d8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
gzip
last-modified
Thu, 11 Aug 2022 17:40:48 GMT
server
nginx
etag
W/"62f53f20-1892"
content-type
application/javascript
cache-control
max-age=86400
expires
Wed, 21 Sep 2022 03:30:00 GMT
/
c.bigmir.net/
128 B
419 B
Script
General
Full URL
https://c.bigmir.net/?o1&v9302&s8731&t0&c1&n352095&w0&y0&d24&r1600
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
d9af71ad7c3ec136a3c382882e01e0fdd88be977510f5554ddac07e616c5931f

Request headers

Referer
https://cripo.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 03:30:00 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
fa-brands-400.woff2
cripo.com.ua/wp-content/themes/cripo/assets/front/webfonts/
53 KB
53 KB
Font
General
Full URL
https://cripo.com.ua/wp-content/themes/cripo/assets/front/webfonts/fa-brands-400.woff2
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/font-awesome.min.css?ver=1660001800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5124be9d33d058bab6388a40569f746a47d2569752dcc28c68e979d15a15e78
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cripo.com.ua/wp-content/cache/min/1/wp-content/themes/cripo/assets/front/css/font-awesome.min.css?ver=1660001800
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
421798
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53928
last-modified
Sat, 22 Sep 2018 21:10:35 GMT
server
cloudflare
etag
"5ba6afcb-d2a8"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BghSSsj9s6BezNCa78hnSBeclpzywWM7Y9JoyYtXGPnZi7qJE8%2BKImyhvNp3gqgH3JYKjwYOVcPI4cv1odXD4gHd6ArdoH5ZrMuVaYaio8mXUjWp8awxNTuzfJoWYDefWOeBmfc5cn5DdoE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae00998889e-LHR
expires
Wed, 21 Sep 2022 10:33:10 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/
346 KB
122 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7ccc2fd2fd17880f18c52a16258e3d72a1e343a13c197c67eb8d150ac09c677
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124747
x-xss-protection
0
server
cafe
etag
17432010471218968597
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:30:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/ Frame 7599
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
26320
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 20:11:20 GMT
etag
9671129459699598864
expires
Mon, 03 Oct 2022 20:11:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3950698-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1680
date
Tue, 20 Sep 2022 03:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 20 Sep 2022 05:02:00 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19-7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19-7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300italic,300,400italic,700&subset=latin,cyrillic-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97faf1152eeadefeadbe043c69b18b8cc22dcb3f32ca914c57dfd69f3e2d67a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 15:28:49 GMT
x-content-type-options
nosniff
age
475271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15180
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:44:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 15:28:49 GMT
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/
376 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 20:26:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Sep 2023 20:26:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
90 B
720 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cripo.com.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
315d7a002dd3d80348d61978de068e5fc863ddd9850859f454c24d52f3b49a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84
x-xss-protection
0
expires
Tue, 20 Sep 2022 03:30:00 GMT
sdk.js
connect.facebook.net/en_US/
318 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=71c83a0aa68bb7b1bd9bd21d9cbcf954
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d45d97cab59d0128bcc90122ca81806553e93bdbc8f10e5cd9ab465ccf752573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cripo.com.ua/
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
dB950SCwwKfME0watLfeWg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88743
x-fb-rlafr
0
x-fb-debug
CU0BdSNqMk6Mu+ec50LdBZGcaDU2MGjSh/i3GmXAcC+lcbDPPyHQURXVKrF885PGP/KWJ9Uud29QiQ7hY8CsGw==
x-fb-content-md5
dfe9a1f77c79cab792868b9c9b339e26
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"70bbe14620a3607b4a164480a2a83cc4"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 19 Sep 2023 23:00:17 GMT
1
go.rcvlink.com/cs/1/ Frame 8AED
34 B
236 B
Script
General
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
8d1f31ff7a597584e1bd725247306a107e19878cfb3dc97eab204f9f1bb0621a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b14
cache-control
private, max-age=315360000
expires
Fri, 17 Sep 2032 06:30:00 +0300
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1330808656&t=pageview&_s=1&dl=https%3A%2F%2Fcripo.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A3%D0%9A%D0%A0%D0%90%D0%98%D0%9D%D0%90%20%D0%9A%D0%A0%D0%98%D0%9C%D0%98%D0%9D%D0%90%D0%9B%D0%AC%D0%9D%D0%90%D0%AF%20-%20%D0%9E%20%D1%87%D0%B5%D0%BC%20%D0%BD%D0%B5%20%D0%B3%D0%BE%D0%B2%D0%BE%D1%80%D1%8F%D1%82%20%D0%B2%D1%81%D0%BB%D1%83%D1%85&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1773722727&gjid=527662195&cid=2095285835.1663644601&tid=UA-3950698-1&_gid=466345965.1663644601&_r=1&gtm=2ou9j0&z=1059289657
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cripo.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cripo.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
216 B
645 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=cripo.com.ua&callback=_gfp_s_&client=ca-pub-6866881496498119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
d6d8092d1133ef491dc0c3476fc32dddab0f57d9516633db6d077adc91dfa481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cripo.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cripo.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 36AC
330 KB
83 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&adk=1812271804&adf=3025194257&lmt=1663635313&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcripo.com.ua%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600334&bpp=4&bdt=408&idt=338&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1988934572422&frm=20&pv=2&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=356
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a11fa6fe41575f726580a25425b78c1fb7af65967c61cf230e440734d078e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
85286
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:01 GMT
expires
Tue, 20 Sep 2022 03:30:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
iframe.htm
go.rcvlink.com/static/ Frame EEE3
19 KB
9 KB
Document
General
Full URL
https://go.rcvlink.com/static/iframe.htm
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
30b4b5641b2430f0d935fa51e79cd8f19876b80efdab2c3c9cd75077086d4281

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Tue, 20 Sep 2022 03:30:00 GMT
etag
W/"63211fd2-4c10"
expires
Wed, 21 Sep 2022 03:30:00 GMT
last-modified
Wed, 14 Sep 2022 00:26:58 GMT
server
nginx
ads
googleads.g.doubleclick.net/pagead/ Frame 3DFE
146 KB
47 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=600&slotname=5628921079&adk=805729957&adf=3339997147&pi=t.ma~as.5628921079&w=280&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600338&bpp=3&bdt=412&idt=361&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1MpEMCWzG8&p=https%3A//cripo.com.ua&dtd=369
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
920bfe66ce4bfb06c7abcc11a3ed42da28a2219cd7ef1e89c29c72b458f57747
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKji3Yu3ovoCFYRjFQgdm_oOiw&gqi=uDMpY8b_MsrO7_UPxomqkAw&layout=/sadbundle/%24csp%253Der3%24/3163706257327840831/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
48263
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKji3Yu3ovoCFYRjFQgdm_oOiw&gqi=uDMpY8b_MsrO7_UPxomqkAw&layout=/sadbundle/%24csp%253Der3%24/3163706257327840831/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:01 GMT
expires
Tue, 20 Sep 2022 03:30:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
code.js
top-fwz1.mail.ru/js/
32 KB
14 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Tue, 13 Sep 2022 17:32:31 GMT
server
nginx
etag
W/"6320beaf-7ecc"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Tue, 20 Sep 2022 04:30:01 GMT
3_1_1.png
i.i.ua/r/
Redirect Chain
  • https://r.i.ua/s?u1959&p252&n0.28854086485339003&c1&d24&w1600&h1200&r/cripo.com.ua/
  • https://i.i.ua/r/3_1_1.png
2 KB
2 KB
Image
General
Full URL
https://i.i.ua/r/3_1_1.png
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f8d8680396eedbe81ac79acd3ad154606cd802314ac8614071f8725317ea8b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2006 16:33:07 GMT
server
cloudflare
age
26430
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
74d77ae59e6871b7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2138
expires
Tue, 19 Sep 2023 20:09:30 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location
https://i.i.ua/r/3_1_1.png
cache-control
no-cache, must-revalidate
cf-ray
74d77ae3bd4d71b7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
top100.js
st.top100.ru/top100/
98 KB
31 KB
Script
General
Full URL
https://st.top100.ru/top100/top100.js
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
c13a53c095336964ba6af0a1fd345cb472efc936e8fbd9631e6b4269b5c63028

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2022 11:17:00 GMT
server
nginx/1.19.4
x-amz-request-id
tx00000000000013b0df52e-006329327d-f8aa9c-default
etag
W/"a8cc5f62f254bff5f2c1919a453a47b9"
vary
Accept-Encoding
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
max-age=3600
x-rgw-object-type
Normal
content-type
application/javascript
expires
Tue, 20 Sep 2022 04:30:01 GMT
tag.js
mc.yandex.ru/metrika/
205 KB
71 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
br
last-modified
Fri, 16 Sep 2022 05:57:38 GMT
etag
"6323e622-118f0"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71920
expires
Tue, 20 Sep 2022 04:30:01 GMT
informers2.css
sinst.fwdcdn.com/css/
15 KB
2 KB
Stylesheet
General
Full URL
https://sinst.fwdcdn.com/css/informers2.css?v=1
Requested by
Host: sinoptik.ua
URL: https://sinoptik.ua/informers_js.php?title=3&wind=2&cities=303010783,303018950,303014487&lang=ru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
content-encoding
gzip
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 07:03:52 GMT
server
nginx
etag
W/"57469fd8-3d41"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Wed, 20 Sep 2023 03:30:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
439 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3950698-1&cid=2095285835.1663644601&jid=1773722727&gjid=527662195&_gid=466345965.1663644601&_u=YEBAAUAAAAAAAC~&z=740510133
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cripo.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 20 Sep 2022 03:30:00 GMT
content-type
text/plain
access-control-allow-origin
https://cripo.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
page.php
www.facebook.com/plugins/ Frame D734
15 KB
9 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcripo.com.ua%2F&tabs&width=230&height=70&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=519720965151294
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3430421ad94660d1b69634985637bdae54fcde889a0910ee7474f353b00a449f
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 20 Sep 2022 03:30:01 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
cFRAZFQYb4QD7F6Uh3E/XH/7LrkZ3ctqvTFIsGAh4c9vFTXXe6w1cW6+oRvoXjst9lSWSE7C51cSCuKw1p5ymA==
x-fb-rlafr
0
x-xss-protection
0
cripo.png
cripo.com.ua/wp-content/uploads/
4 KB
5 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/uploads/cripo.png
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f18eaf4ecf86a83188e345382c85495e4ac458d65cb6c81410fc754139dffa2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27672
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4603
last-modified
Sun, 30 Sep 2018 16:34:34 GMT
server
cloudflare
etag
"5bb0fb1a-11fb"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Btb1AxARk9Ut5GqCkkQqq%2FgckC58rLYOSMeoNluw6yJ7ADs8ItQcabWBN25mpXQ6kFubuQMGV3TaSb9gnWKYyR%2FZAnwz6P0u84EpCpya0kYIXJKdKwPSje9Gs21e%2B%2BUuYUPo9%2BfzbXEyxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae37c54889e-LHR
expires
Sun, 25 Sep 2022 21:57:34 GMT
bg_top.jpg
cripo.com.ua/wp-content/uploads/
11 KB
11 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/uploads/bg_top.jpg
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9729e74cb0a9b72d7be4a9deec8df6af91f2aa75da3676e67818b532548f85c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
421797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11067
last-modified
Sun, 30 Sep 2018 19:16:17 GMT
server
cloudflare
etag
"5bb12101-2b3b"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kr0QVfuWGt7ni7bGdqzJi451LArSk8KnF4v8flYWTsDO51ozkuU%2B547QpTJ5u5THQW60YOBWxVDGxl7c9i9cTxQwgCMvivmMhN0UURDkx7y4jBgMKcY0Q7hzgT0VK83d631IA%2B6%2B77yiMos%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae37c5f889e-LHR
expires
Wed, 21 Sep 2022 12:46:54 GMT
41818556fd76ae7_200x200_right.jpg
cripo.com.ua/wp-content/cache/thumb/e7/
44 KB
45 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/cache/thumb/e7/41818556fd76ae7_200x200_right.jpg
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63138e0b1c4fb2d044739cbff9980fa61b99c775cd7a80e5446e03b777c3f40c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45050
last-modified
Mon, 19 Sep 2022 05:50:29 GMT
server
cloudflare
etag
"63280325-affa"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gYTS%2B90DoGZnERr70k3%2FoAR3M3ntRGqpdVlotDpe%2BfOTDpbAS%2BbFSS3OdXs%2FhuC6OVwr9M6IOK25xrmAfBx6gsL6paQwxCIGPcFL5yu2M36dB9wKGaKhs%2F4WS0qDZzkFsfr47EJzz4v5WA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae37c60889e-LHR
expires
Mon, 26 Sep 2022 05:50:48 GMT
2c4d9d9768c5fc0_200x200_right.jpg
cripo.com.ua/wp-content/cache/thumb/c0/
28 KB
28 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/cache/thumb/c0/2c4d9d9768c5fc0_200x200_right.jpg
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
593416dcedae90588e05c3ecdfe88cdc495a5f7e1667d3e86621e4acc4065b62
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28518
last-modified
Mon, 19 Sep 2022 05:25:41 GMT
server
cloudflare
etag
"6327fd55-6f66"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZTV8l%2Fc8KJtSGyTnJ%2Fb0iHikS3I0x9mQZ2GNcUf1xNI3NNh1gyidey9ge%2BlgcZC3V%2Brh%2BNsAmlOXibRhzlu2uHPYm0%2Bz9h%2FjH8JPohsQoowWOm0gYGiYW%2FnPvDEkeVpObwGxoGcziyEiFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae37c61889e-LHR
expires
Mon, 26 Sep 2022 05:26:02 GMT
ecf83923daddd41_200x200_right.jpg
cripo.com.ua/wp-content/cache/thumb/41/
36 KB
36 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/cache/thumb/41/ecf83923daddd41_200x200_right.jpg
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5971000c8e746b696100d9953e1904039ebdbd62bcc4a2e368248dcfe6c7312
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36479
last-modified
Sun, 18 Sep 2022 21:46:22 GMT
server
cloudflare
etag
"632791ae-8e7f"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkSq9GchjDAz8lf6zNkbz8Re4ZoEp6iIl8y3akWW3ImP5vnY0KEzL1aAyP%2Fe2qiEu9MlbJHikhj7qrtyFHWQEnJwhlqGJ0R9w4vj%2Bs94npNc27tu4Jn70FyHl2y1G130Lh4rWEDI6u0RQTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae37c62889e-LHR
expires
Mon, 26 Sep 2022 23:03:20 GMT
e24af06950019b2_200x200_right.jpg
cripo.com.ua/wp-content/cache/thumb/b2/
35 KB
35 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/cache/thumb/b2/e24af06950019b2_200x200_right.jpg
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e24012a8bf63772abdef07918b0a3d158b39be2ccd2b3ccdcc68c9d4830357c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50251
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35667
last-modified
Sun, 18 Sep 2022 07:02:58 GMT
server
cloudflare
etag
"6326c2a2-8b53"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DeNqx%2FFhPx3ozZWeUNPB4aDguDNzZnC7UuDde5IGy07EHfKy%2BKI%2FEhITusOmmxkhmpo9genFNiJEIyattOesBaT34anCzG78qF3VCILFvKkLslUgwfX0I23BytkfNrvWRpKFCe%2FiGHel1wM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae37c64889e-LHR
expires
Mon, 26 Sep 2022 11:11:45 GMT
09c7c9c3cbf5523_200x200_right.webp
cripo.com.ua/wp-content/cache/thumb/23/
54 KB
54 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/cache/thumb/23/09c7c9c3cbf5523_200x200_right.webp
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9a3af430a8f9342eb4fa2727286752c002722b2e44179f281a0da69a71e0de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
cf-cache-status
MISS
last-modified
Sun, 18 Sep 2022 06:04:06 GMT
server
cloudflare
etag
"6326b4d6-d742"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=602Wsh4Cd6WfqtKfpz3BzESSsfqnTXL7f3BizhYKHKdJBfBFFj4qArnPo229ZJ76fB4DvYq3DblqygU9asBhoS3YWt%2BLVjv7bnXOC5gjscCaUbYKaPf11NatSWJnHA1AeERVUbSCu0yd%2BE8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000
accept-ranges
bytes
cf-ray
74d77ae37c65889e-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55106
84da68b223d77ad_200x200_right.webp
cripo.com.ua/wp-content/cache/thumb/ad/
21 KB
21 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/cache/thumb/ad/84da68b223d77ad_200x200_right.webp
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2aa3b0a1227c41bcf3ffe60f4c56d6319c72b93fd69639848a994064541984
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
cf-cache-status
MISS
last-modified
Sun, 18 Sep 2022 05:43:58 GMT
server
cloudflare
etag
"6326b01e-5218"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBgNc%2BiNv1fsrMfgQAjX1PVPiOMbeFVeR5HOf%2FtjMBx9SIp1FL9SEf8hSY1VkzLIHKcUlaQt1zsov2TXCvsPiU4T6Jx1WZHGvFaCq6PY088XsCeLzJvmV%2BFtBs6FCadydNeH7A6GrU0uyxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000
accept-ranges
bytes
cf-ray
74d77ae37c67889e-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21016
34ad47206e33c55_200x200_right.jpg
cripo.com.ua/wp-content/cache/thumb/55/
42 KB
43 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/cache/thumb/55/34ad47206e33c55_200x200_right.jpg
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4313f0c5455136f3863bc16dae6bf769d6610d0ebec6e11889a317ef7d7607d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50250
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43060
last-modified
Sat, 17 Sep 2022 06:37:15 GMT
server
cloudflare
etag
"63256b1b-a834"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qq23nEEcoO2QQuwjlhdk6uPGc6Vr%2Fb%2BnFmJ2c0eT2gnWWhbE%2FUQsSJdrtCZLH%2B40GWbmpu0s1Hno8VUzySkR%2FUMLOPCQ%2Bfz2KjBXOwsfkFCxFl%2FQU1r85UMnGkbVTT9C74IH6bxFvwkhjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae37c69889e-LHR
expires
Sun, 25 Sep 2022 15:11:21 GMT
aa850498fe9a7ca_200x200_right.jpg
cripo.com.ua/wp-content/cache/thumb/ca/
26 KB
27 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/cache/thumb/ca/aa850498fe9a7ca_200x200_right.jpg
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcdd3aeba803256ef93e455ff8a4fa1f3ef4a693fa622aec7b637f353b14dc90
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50250
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26744
last-modified
Sat, 17 Sep 2022 06:03:59 GMT
server
cloudflare
etag
"6325634f-6878"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m46WxGtrTymC%2B%2Fe5SCaPYbB4%2FMcU3ho3rauKMafqmx5wttwOql3nrFwipOQxS0yIvcqfPIRo%2BzQQeImv6FooylsjyMGE%2FYyLEVC6ZJdyshzDNmpTx8xCWHzJ1bxgr%2BLhKvr0mtUllTjZoTU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae37c6a889e-LHR
expires
Mon, 26 Sep 2022 08:07:23 GMT
307082293_3582712311970552_2278029090444344115_n-200x200.jpg
cripo.com.ua/wp-content/uploads/
10 KB
11 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/uploads/307082293_3582712311970552_2278029090444344115_n-200x200.jpg
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a761d6674aeda2473573feb14bad841b4c9d72fdb0bcb4a6de5da5e71d3005e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205439
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10417
last-modified
Sat, 17 Sep 2022 15:50:28 GMT
server
cloudflare
etag
"6325ecc4-28b1"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3dJtqE2wuo4PomM6%2FYBXbdThIqSmAABcJczDrWlv6l%2BigSVdatoSZzVGbcoNpDJyka9caPH%2FmxFbFgdpu25uShWVYLpncElMNWER7pU2HT8OkgEEym7pN%2BnjgvAOc4gEu%2BL29Pcc23J6oU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae37c6d889e-LHR
expires
Sat, 24 Sep 2022 15:50:39 GMT
photo_2022-09-10_20-57-13-200x200.jpg
cripo.com.ua/wp-content/uploads/
7 KB
7 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/uploads/photo_2022-09-10_20-57-13-200x200.jpg
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3916ef1e360e08a918d339ffab15166f25be3095d900e02fa1f3ca0f4324f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
443040
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6753
last-modified
Sun, 11 Sep 2022 11:12:52 GMT
server
cloudflare
etag
"631dc2b4-1a61"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUSCQUZaKZyLobfDYi5qJp9t2p%2FQ%2Fy7kv4s6ekMJpWDU%2F3%2F4PlWBBtrjeXsMu6WujXzS1bgLVCWKSvmv26W3xe2T23Ax1SM3gUgrvQ9RvPsCuurD0GoZj2RWctzuJVZEBzfKvH2MScMjZSM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae37c6e889e-LHR
expires
Wed, 21 Sep 2022 11:27:41 GMT
photo_2022-09-11_09-10-06-1-200x200.jpg
cripo.com.ua/wp-content/uploads/
14 KB
14 KB
Image
General
Full URL
https://cripo.com.ua/wp-content/uploads/photo_2022-09-11_09-10-06-1-200x200.jpg
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d2da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
699f43621184d380dc3c696b3835f1f4b36cf9574e783479fd35abda4917a18d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
220310
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13850
last-modified
Sat, 17 Sep 2022 13:14:35 GMT
server
cloudflare
etag
"6325c83b-361a"
strict-transport-security
max-age=63072000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=610zYQYC2HRjI4RVMorKNM%2Bsv4b%2F9FZ8%2BJLCI%2BHtj74isG2rBTBESwIuGJlqaV8GVP2m8ruJO0hTSTUfc3dnSnJ9dMf5%2Fy1nArmECStpjLB%2B%2FLdObRXZ7g%2BKprvBqQMxaco24N53d7HPo4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
74d77ae37c6f889e-LHR
expires
Sat, 24 Sep 2022 13:14:41 GMT
ads
securepubads.g.doubleclick.net/gampad/
59 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4025851348637579&correlator=2080389497082977&eid=31069626%2C31069635&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&iu_parts=43356090%2Ccripo.com.ua_240x400&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&ifi=3&adks=293892810&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1663644600934&lmt=1663635313&dlt=1663644599926&idt=982&adxs=250&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcripo.com.ua%2F&frm=20&vis=1&psz=280x400&msz=240x-1&fws=4&ohw=340&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33b743f3d52c003790ea9c00504d0642c718ddfe3756aa5ae1d0d3c8f2dd8859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13451
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cripo.com.ua
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c4cc15f7cab4592d9b94c9aad88cda6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C6C
6 KB
4 KB
Document
General
Full URL
https://c4cc15f7cab4592d9b94c9aad88cda6b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:01 GMT
expires
Wed, 20 Sep 2023 03:30:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logo-t1.png
sinst.fwdcdn.com/img/informers/
1 KB
1 KB
Image
General
Full URL
https://sinst.fwdcdn.com/img/informers/logo-t1.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
56ae8084a1f412356c3e67087d606170c4518a5dc24c871fc925459686c5b6cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-4d5"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1237
expires
Wed, 20 Sep 2023 03:30:00 GMT
hlc-t1.png
sinst.fwdcdn.com/img/informers/
181 B
389 B
Image
General
Full URL
https://sinst.fwdcdn.com/img/informers/hlc-t1.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
6c886518dd2d1f700b72d1339199c5ab235e348f81e6e95c870d2f34cea4271e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
x-server-by
sinfe3
last-modified
Wed, 05 Nov 2014 09:28:02 GMT
server
nginx
etag
"5459eda2-b5"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
181
expires
Wed, 20 Sep 2023 03:30:00 GMT
term-t2.png
sinst.fwdcdn.com/img/informers/
406 B
616 B
Image
General
Full URL
https://sinst.fwdcdn.com/img/informers/term-t2.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
757727f42ed75849123b613ab4c6badc0448c1e6e4d5e3d2de8467eb626bbd2d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-196"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
406
expires
Wed, 20 Sep 2023 03:30:00 GMT
s-informers-t2.png
sinst.fwdcdn.com/img/informers/
33 KB
33 KB
Image
General
Full URL
https://sinst.fwdcdn.com/img/informers/s-informers-t2.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
8718a8ae273f7ac06037cda9b076b360804967e83503832278cce84e4f6c5b78

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-8433"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
33843
expires
Wed, 20 Sep 2023 03:30:00 GMT
frc-t1.png
sinst.fwdcdn.com/img/informers/
155 B
364 B
Image
General
Full URL
https://sinst.fwdcdn.com/img/informers/frc-t1.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-9b"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
155
expires
Wed, 20 Sep 2023 03:30:00 GMT
flc-t1.png
sinst.fwdcdn.com/img/informers/
148 B
357 B
Image
General
Full URL
https://sinst.fwdcdn.com/img/informers/flc-t1.png
Requested by
Host: sinst.fwdcdn.com
URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
srv150.fwdcdn.com
Software
nginx /
Resource Hash
14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
x-server-by
sinfe3
last-modified
Thu, 26 May 2016 12:47:34 GMT
server
nginx
etag
"5746f066-94"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
148
expires
Wed, 20 Sep 2023 03:30:00 GMT
/
go.rcvlink.com/bdto/bcf13d712b/ Frame EEE3
5 KB
2 KB
XHR
General
Full URL
https://go.rcvlink.com/bdto/bcf13d712b/?cache=tpzb6NDbuGv-2Bs&ver=220914-0326&w=1200&h=0&vw=1600&ms=695.72&me=0&ref=https%3A%2F%2Fcripo.com.ua%2F
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
5fb840b5c052f6f9b072cd6f1615f3035afea2fcfafcbe926eedcfde3b3b5742

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 03:30:00 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
*
hn
b12
cache-control
no-cache, no-store, no-transform, must-revalidate
content-type
application/json
expires
Tue, 20 Sep 2022 06:30:00 +0300
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3950698-1&cid=2095285835.1663644601&jid=1773722727&_u=YEBAAUAAAAAAAC~&z=1365875396
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3950698-1&cid=2095285835.1663644601&jid=1773722727&_u=YEBAAUAAAAAAAC~&z=1365875396
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0fa2b5f2cffde375fbb6f6882463a4ec
st11.rcvlink.com/2/200/ Frame EEE3
8 KB
8 KB
Image
General
Full URL
https://st11.rcvlink.com/2/200/0fa2b5f2cffde375fbb6f6882463a4ec
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
99caeac50da5f65990ace453a7dd0741437cdb8d1ac3a6404563b0670837d689

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
last-modified
Fri, 03 Jun 2022 10:19:54 GMT
server
nginx
etag
"6299e04a-1c62a"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
7962
expires
Mon, 19 Dec 2022 03:30:01 GMT
b260abab1395a87145ce4c141b440cc0
st11.rcvlink.com/2/200/ Frame EEE3
8 KB
8 KB
Image
General
Full URL
https://st11.rcvlink.com/2/200/b260abab1395a87145ce4c141b440cc0
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
3211eb6a4da5a6c8c5bf408491f53c2fa4f2a650842fe7ec8b1d1f08ae2a92e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
last-modified
Fri, 14 May 2021 14:42:00 GMT
server
nginx
etag
"609e8c38-fcec"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
8120
expires
Mon, 19 Dec 2022 03:30:01 GMT
4fa0a4b4b34a13abefc36d1dc8305ceb
st11.rcvlink.com/2/200/ Frame EEE3
8 KB
8 KB
Image
General
Full URL
https://st11.rcvlink.com/2/200/4fa0a4b4b34a13abefc36d1dc8305ceb
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
363aab6057a43e9d7e3b9447718d48e28440146920dab17aafac9c5779314893

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
last-modified
Fri, 03 Jun 2022 09:50:28 GMT
server
nginx
etag
"6299d964-1bf89"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
8402
expires
Mon, 19 Dec 2022 03:30:01 GMT
7f4015c1c353e9d0354186ea45a77ac7
st11.rcvlink.com/2/200/ Frame EEE3
11 KB
11 KB
Image
General
Full URL
https://st11.rcvlink.com/2/200/7f4015c1c353e9d0354186ea45a77ac7
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
60fe3d31fa37d2b79b59e2047eee2698289c35bd367607991f5b3ba9d4e7401c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
last-modified
Fri, 17 Dec 2021 13:34:07 GMT
server
nginx
etag
"61bc91cf-14240"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
10782
expires
Mon, 19 Dec 2022 03:30:01 GMT
logo160.png
go.rcvlink.com/img/ Frame EEE3
6 KB
6 KB
Image
General
Full URL
https://go.rcvlink.com/img/logo160.png
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
last-modified
Mon, 21 Jan 2019 15:07:51 GMT
server
nginx
etag
"5c45e047-1869"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6249
expires
Tue, 27 Sep 2022 03:30:01 GMT
LCk4sW0HG9R.css
static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/ Frame D734
20 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/LCk4sW0HG9R.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcripo.com.ua%2F&tabs&width=230&height=70&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=519720965151294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
98beb24665ffbb12739a80744daae9449bca18e8ab4cfc3fc0fc10f259bef71c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
IqsuwUY6l1z80XrlB/Okwg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5037
x-fb-rlafr
0
x-fb-debug
8pt1QcpUtVbNgJ+FjDvOjQ5ESzsx/by31ZgHUoRa7LS1SK0OQy+6YlGdd/rj1QWOSbCEz3WU3QYxGDpCVsJiLg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 19 Sep 2023 15:47:16 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/ Frame ED81
16 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0d9a43a44410166fc5ff483dace5234c3d9e35e190069b1b974ef505df89753
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
550985
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3892
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 18:26:56 GMT
expires
Wed, 13 Sep 2023 18:26:56 GMT
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame A827
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cj-xouDMpY6imNITH1fAPm_W72AimisnAbOXEy4GXEI2xluSSMRABIOuCxHVglaLxgZAHoAGyisGqAcgBCakCSq06kblSqT6oAwHIA0iqBPkBT9D12i4G47E6xF_-X-PxTSFTLWuobQaNzdUekpLawmvVnHarP92pA0pR2s4PxQDLKGT1q8q_n6p2nxxWuoBx7f8geUk-r2p2_qthdLJxIpk2EGKFXYiejVwN2R0yhlgsUgYkC3lqZtEqeBjSmeEzUAFDLlVuFY9--s6utlAvm9kTUsJVghLLmPfCwv_A38-wR4hVXEmAXyBwkN5nXwQR_OnYCaAYrNIH9I1ZJaec8nzKwe97stvcVmXY2Ug-ax4JDMFz1A1ECN65y9_AbuyNlbOv9iXqztz-hkym2RrKjg4OTvArAJwV6f01Mo1YjRD__ie_s_ecDtCVwATukPjzlASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDjuA3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi02ODY2ODgxNDk2NDk4MTE5GAA&sigh=TAwfHIwjdsw&uach_m=[UACH]&template_id=419
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=600&slotname=5628921079&adk=805729957&adf=3339997147&pi=t.ma~as.5628921079&w=280&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600338&bpp=3&bdt=412&idt=361&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1MpEMCWzG8&p=https%3A//cripo.com.ua&dtd=369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 20 Sep 2022 03:30:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 20 Sep 2022 03:30:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame A827
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=600&slotname=5628921079&adk=805729957&adf=3339997147&pi=t.ma~as.5628921079&w=280&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600338&bpp=3&bdt=412&idt=361&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1MpEMCWzG8&p=https%3A//cripo.com.ua&dtd=369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 02:06:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5005
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9550
x-xss-protection
0
server
cafe
etag
715955199520789971
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 02:06:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame A827
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=600&slotname=5628921079&adk=805729957&adf=3339997147&pi=t.ma~as.5628921079&w=280&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600338&bpp=3&bdt=412&idt=361&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1MpEMCWzG8&p=https%3A//cripo.com.ua&dtd=369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 02:34:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3328
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 02:34:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame A827
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=600&slotname=5628921079&adk=805729957&adf=3339997147&pi=t.ma~as.5628921079&w=280&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600338&bpp=3&bdt=412&idt=361&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1MpEMCWzG8&p=https%3A//cripo.com.ua&dtd=369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1543
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 03:04:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A827
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=600&slotname=5628921079&adk=805729957&adf=3339997147&pi=t.ma~as.5628921079&w=280&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600338&bpp=3&bdt=412&idt=361&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1MpEMCWzG8&p=https%3A//cripo.com.ua&dtd=369
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 03:30:01 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/
149 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73dd3dbe49b49c3d8d6ca6544f27751ef702ef7e2875c00f78477623365bef23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54572
x-xss-protection
0
server
cafe
etag
10209867506516934817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:30:01 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cripo.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cripo.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6585
31 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38d3fcebc202a24d848608dd8e39613b37107cc9809c2c196a2fc5c79bdb9737
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12612
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AF7B
26 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9564785137d06810520a77aa69eed7ee9ba74573ce69a42d1aee2c5cc06278f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11897
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/
606 B
388 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Google+Material+Icons:wght@400;500;700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e132e6ec1f3853fe883cd3eb4e56a97ef75da3de1f47c930b83a5e70dc886c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 03:30:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 20 Sep 2022 03:30:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Sep 2022 03:30:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-6866881496498119&c=5&e=44773165&h=cripo.com.ua&ld=uk&lx=uk&m=29&n=0&o=a&p=308&t=0&w=3934&x=22&sap=0&tap=1&bap=1&nsr=0&im=0&mo=0&hesa=0
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
counter
top-fwz1.mail.ru/
43 B
957 B
Image
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=990139;u=https%3A//cripo.com.ua/;st=1663644600817;title=%D0%A3%D0%9A%D0%A0%D0%90%D0%98%D0%9D%D0%90%20%D0%9A%D0%A0%D0%98%D0%9C%D0%98%D0%9D%D0%90%D0%9B%D0%AC%D0%9D%D0%90%D0%AF%20-%20%D0%9E%20%D1%87%D0%B5%D0%BC%20%D0%BD%D0%B5%20%D0%B3%D0%BE%D0%B2%D0%BE%D1%80%D1%8F%D1%82%20%D0%B2%D1%81%D0%BB%D1%83%D1%85;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=20c011112a744bc3;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1663644601442%3A1663644601463%3A1%3Aa70246a8f9386c5ccf7ca81ca51ab09e;opts=dl%2Cjst-gtag-ga;visible=true;_=0.4105775764040551
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9766.EgxOliSJL5ZxlXFARhdm4xXTA7R66KPKAVCvU1pFT8vplN8AFtbmRC3K1Lz2-230.olvROj9YZ7hHeHPZBhgUYut3KxE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9766.jQxVbu40dYHRBx_KlBUoteug8oBAAs5aiDcUIc6VMMftMlkMSVnimjdC7Br-6qfPpcSjXbwfhGxeGpTbYka67A%2C%2C.474byduHZlgQbUSuyBLhgXWbiMY%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9766.jQxVbu40dYHRBx_KlBUoteug8oBAAs5aiDcUIc6VMMftMlkMSVnimjdC7Br-6qfPpcSjXbwfhGxeGpTbYka67A%2C%2C.474byduHZlgQbUSuyBLhgXWbiMY%2C
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9766.jQxVbu40dYHRBx_KlBUoteug8oBAAs5aiDcUIc6VMMftMlkMSVnimjdC7Br-6qfPpcSjXbwfhGxeGpTbYka67A%2C%2C.474byduHZlgQbUSuyBLhgXWbiMY%2C
date
Tue, 20 Sep 2022 03:30:01 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_check
mc.yandex.ua/
0
0

publishertag.ids.js
static.criteo.net/js/ld/
40 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a097f145b7b5399d1f8e9c86b6f4a36e43f5553fa77c7b2951504731914535ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-a1fb"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 21 Sep 2022 03:30:01 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209072154000/ Frame 4F86
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
37265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61518
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b9e6b1d3ca7cc68d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 4F86
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
37265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dcaf3864e0ab6b08"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 4F86
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
37265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"95b4b320f7966d1a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 4F86
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
37265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1908
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5561dff7c028bd87"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 4F86
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
37265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12958
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00747b471d2f1a24"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:56 GMT
css
fonts.googleapis.com/ Frame 4F86
8 KB
712 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfe06d200a4963b3da08554d4f1e769a11a84193228432758853b7d963c04e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 02:18:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 20 Sep 2022 03:30:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Sep 2022 03:30:01 GMT
uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4F86
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/uk.png
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:36:15 GMT
x-content-type-options
nosniff
server
cafe
age
64426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14587847488922671356
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3073
x-xss-protection
0
expires
Tue, 20 Sep 2022 09:36:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4F86
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:36:15 GMT
x-content-type-options
nosniff
server
cafe
age
64426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 20 Sep 2022 09:36:15 GMT
l
www.google.com/ads/measurement/ Frame 4F86
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmrEc7IVxYxDwekBQ48Idc6jvKJTZLnuhZxCpVwyc3_whXixuk8nkUEAJuVNKiRiRPH_JVa7boXKRCXMsMZkNcLzRxfA
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 4F86
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0hAZuTMpY9ThBoqK7_UPl9aX0AWckaesa9LVvKChEK3oo47cMBABIOLO8ChglaLxgZAHoAHj0YXbAsgBCakC7xpPE2HSsD7gAgCoAwHIAwqqBJ4CT9DSmux1AtApZ58FWXEFnJEXoKZ6m9nKwNxktmgTAsCtyX-PJZ_ikqNAu52JiGkpei4lnHCMSU-BvtLlKH-hlubys_LsqatbtUhaHkTbFC2e88OM3YgCqhf9EanXnGPnWDWMmLXspzePm682MFynKMoeJnrKV7aJsnB-jTlfYsz33uC3V8oq9xCEnLJpPwwhI25rV_-1G2o1nxFpwCei3NsbCZMo9gBABdOvo6af3vkaGpcn9i0YVBJGcn11eFIu7wjBN8AFL-MTXqTPOLkfPDtL65IwqXO0Di4ARZ5hGmh9rXgoRDwDmukZZdwlHvFiB3AK11KiI2-YpZbMk5kk5J72SmuMc9hdUdFXEotUgxKcoq7MUtWqyZup1wjrC8AE0NnPg-QD4AQBoAYugAeFrvqkAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIfsA9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTA4gUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi05NTk3Njg4ODUwMzAwNjI4GMKaIg&sigh=FrjMl6SBeko&uach_m=[UACH]&template_id=5000
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
last-modified
Fri, 16 Sep 2022 05:57:38 GMT
etag
"6323e622-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 20 Sep 2022 04:30:01 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C7FD
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=600&slotname=5628921079&adk=805729957&adf=3339997147&pi=t.ma~as.5628921079&w=280&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600338&bpp=3&bdt=412&idt=361&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1MpEMCWzG8&p=https%3A//cripo.com.ua&dtd=369
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=600&slotname=5628921079&adk=805729957&adf=3339997147&pi=t.ma~as.5628921079&w=280&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600338&bpp=3&bdt=412&idt=361&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1MpEMCWzG8&p=https%3A//cripo.com.ua&dtd=369
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
3039
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 02:39:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A827
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca06b7508ef7e06b86990be1ca7678bbe8eb9dad5b64a0d99161fb3652cba28d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/4755486734744107014/ Frame 4F86
11 KB
11 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4755486734744107014/downsize_200k_v1?w=400&h=209
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4be34a3fff1cdfcb21d709e93b852f611536ae1d68fc0c165b87544a27e078d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 00:41:02 GMT
x-content-type-options
nosniff
age
442139
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11417
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 17:03:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Sep 2023 00:41:02 GMT
truncated
/ Frame 4F86
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4F86
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4F86
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7b76c6d779e3dec06b163f6e16b35ad76f0bedb69e062097c81cbce7e8e3da1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame ED81
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Sep 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame ED81
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64421
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Sep 2022 09:36:20 GMT
e6f40d138158e41bbc4290d1d8f9ae48.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/ Frame ED81
84 KB
22 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/e6f40d138158e41bbc4290d1d8f9ae48.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
521909
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22268
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 14 Sep 2022 02:31:32 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 02:31:32 GMT
userip
kraken.rambler.ru/
13 B
415 B
XHR
General
Full URL
https://kraken.rambler.ru/userip
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
bb75e418092f5a928f36d07d6596a96a254bc5aa288c519a9323c301af3555e2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://cripo.com.ua
date
Tue, 20 Sep 2022 03:30:01 GMT
x-srv
2node0044.top100.rambler.tech
content-type
application/octet-stream, text/plain
content-length
13
server
nginx/1.19.4
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/ Frame 5335
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
25325
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 20:27:56 GMT
etag
9671129459699598864
expires
Mon, 03 Oct 2022 20:27:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/ Frame F40D
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
25325
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 20:27:56 GMT
etag
9671129459699598864
expires
Mon, 03 Oct 2022 20:27:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame AF7B
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 03:19:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame AF7B
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 02:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 02:33:52 GMT
l
www.google.com/ads/measurement/ Frame AF7B
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTm2k4k6rvFjzEBTzJJHt5zK9pWTdzK_eW2_Zs5ZTyfG2ksc22gM7P3s8Dmj3XHuRrGOq2-EAR5zeigVwMpoZWTfIw4zg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AF7B
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 03:30:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 4F86
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cripo.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:50:24 GMT
x-content-type-options
nosniff
age
31177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 18:50:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AF7B
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXJepuTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE3gFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPd0u_b13rl7SMniW3awMfFycNywy7gAPiCYGntppbqCOtI9Bjjs6ABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY4NjY4ODE0OTY0OTgxMTkYAA&sigh=YD8YFB1DxEY&uach_m=[UACH]&cid=CAQSOwCsnQUxNZY7_a4N1xZvviG_CHfiNcB-11fx-aeHdQ5Q2q7wmSP9AKc8B572Uytdil8H2VYQyhruOB6DGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 20 Sep 2022 03:30:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame AF7B
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFMz6RLAJPJ2DYgICAAAA22uBPlhvgd_4mLjG4K2o3xC5MyljjfViN8ryrBT4wloAEgAA&wp=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
server
Kestrel
server-processing-duration-in-ticks
226308
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame FCF1
211 KB
59 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
da11cbdb16431e70f4718401504d7d61e6a811e9fc0ccc5f386d2c4aff429040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:01 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=vtACQ5h_NfHVahRzi03Wj2YSprUwvsTQrnBDHIaZfdC5rj5IoF6R5Aq1DyxWExCqW2335vonpAcXC_HNa5xNVFaNA4xUANr3jCHF3J1dQnbaZUT8xG-u8bc7fQrjiFv-8bo7vTBjrfcd1CeZU30T_cqVgeOrvmLRF2g034H1rRwriDYuh580TmJRnBKlwtbBBwoCXSK1I_tciBhi0_zYQMqbizGHhEVmzo8zMx83235oei1B8fGM8sBAFsgYFr_3DzYn0w"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
112538378
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E0B7
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
53956
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 12:30:45 GMT
etag
48472445140208031
expires
Tue, 20 Sep 2022 12:30:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 0762
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFkaRuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBN4BT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGD9PR8Jp0fFLJ1tu6NAnUwThGmf2e9LmZpk4kAPVxJ1aP0ppDvbNgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY4NjY4ODE0OTY0OTgxMTkYAA&sigh=DEGh1Yb140o&uach_m=[UACH]&cid=CAQSOwCsnQUxXhvHLw7JjlNJFm9gUkveYagZFUdZErWUBki3bEjkCNlW0VnfVB24iebsu2oPtUDCs4DVsXCvGAE
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 20 Sep 2022 03:30:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 0762
0
0
Fetch
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g8fh5abwkm71j89y8kew9e7pvpvytg81xhy9tp4s53vn3fdpjhbna0te8q2ng041key9xscx3mye3p70cj4apx98rr3570h96ntewg142899fgwmtynh8scysca2yjvb5cn7n81bwx6mrgb35pjeha728c9bkc4wcad82w71dkayr1r43cp0a78gkq3xra0nrs4pvnyz7d36enk1at8n08v8ncxn58s8axhh230p4crcawjw6djnrwhqc6d0c1gcchjj10f8baqsg96qef8wk3tdk6c1zehjh05k8t8g9zke9x8bzw749dtpa9g9f68bmfyyr45b775xdxjapv4vfhh65yqv39w1dmhyndg48sj0dnt011yg3nfjbfp8zbc80tcvw6tj0hegh84ya8sj7g&b=YykzuQAGviwIFVstAAULDUZ96v3BdsY0yOb1hw
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 20 Sep 2022 03:30:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 0B3A
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1gbtgqewvqjngbj9peyx9qky69g9hmnx5hkm84x22ee4c8tecg2mtqbkjt99wfxv59g3p1cxpwnq9w4aveb5ykqa0vdse0wbxa1xmkew7hrkjc2j0j5fjmrs6d7xh7rc8dg60j498d5pfr2ga3z8tc1b6azchwj66pqa49m4q8nwc1jwj2xysjdg53vbj8fkv6d8szx9k37fxweyjj7yx04x8dybrvp4ct00897p9mex0yf8fvn6wd7yp3k7nvhmgqgfztyegpfde87fh20z6j4hvb5mej38d2trftwke1kjpqbc0n2a6sv8j5atqmx2fb0yh8wkvpedj1y61enwyxae8py33gcq1vzdh6dnacafq7p0xx4e93rpnfeb3p4b2a616j0jndvhxten7h5e2069hmz4a8h6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%26client%3Dca-pub-6866881496498119%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da17b5f5a32fe9152de843380147c3166f3bd6544cebe5653d203c8ab067a36d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74d77aea4c6d72ac-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:01 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 0762
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 03:19:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C085
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
53956
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 12:30:45 GMT
etag
48472445140208031
expires
Tue, 20 Sep 2022 12:30:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 0762
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 02:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 02:33:52 GMT
l
www.google.com/ads/measurement/ Frame 0762
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-rbd7kt6B4vMBhX2unF5Txmj9B5x0PEzHThHw8JHD3xfhMvQhWuChDXlDxNTt7fGLXoImqPMyQ_ivHqzEeShBpqFLMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0762
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 03:30:01 GMT
syncframe
gum.criteo.com/ Frame F87F
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cripo.com.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:01 GMT
server
Kestrel
server-processing-duration-in-ticks
696141
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
css2
fonts.googleapis.com/ Frame 5335
4 KB
636 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 01:48:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 20 Sep 2022 03:30:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Sep 2022 03:30:01 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5335
205 B
742 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 01:43:43 GMT
x-content-type-options
nosniff
age
6378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 20 Sep 2023 01:43:43 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5335
604 B
694 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 01:32:46 GMT
x-content-type-options
nosniff
age
7035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 20 Sep 2023 01:32:46 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame 5335
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
774
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8202
x-xss-protection
0
server
cafe
etag
12420716543898108158
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 03:17:07 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/ Frame 8B66
15 KB
4 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed8b1dd84b3d8427bacca74cf55cee3515615326b1c6b1351864dd2b78da3ff5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
129423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3876
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 15:32:58 GMT
expires
Mon, 18 Sep 2023 15:32:58 GMT
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame F40D
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-uvwuDMpY87zM4eM3gO_uYcoporJwGzN0cuBlxCNsZbkkjEQASDrgsR1YJWi8YGQB6ABsorBqgHIAQmpAjoiKGwcWKk-qAMByANIqgT0AU_QWVqbRerwoaEu3Qxrloa1s8NwwzygC3E-WIuXNkjmO0BQFFb7puCD9MVIgvBwGFzzb3Car719FKG74hx2ZJk8BBplimJn4YLIsFXJ7O-L9IbSjt6UvMkIQC4gFF4SWKHcdP-t5gjnui3rGVya5X73Iai3nwlX9dXwdJx9TJzGnIGwKEIdG3BYb_yNH-o8cgANFlVlR4tlns3HqKVuXwvL6N5lZs_GP9HapiYnFA550ZxC34A1MieP-3OU2bRZ94Osz8exaPK3Yk6kl4R23QS5XhLcBaIq-ryXNYrjG24SzoXwgXv_H2IoWVPq4TGEGcSGGWPABO6Q-POUBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe29b7VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJO8L9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTY4NjY4ODE0OTY0OTgxMTkYAA&sigh=LmMvi8nQrNg&uach_m=[UACH]&template_id=419
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 20 Sep 2022 03:30:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame F40D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 02:06:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5005
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9550
x-xss-protection
0
server
cafe
etag
715955199520789971
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 02:06:36 GMT
css
fonts.googleapis.com/ Frame ED81
2 KB
540 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/e6f40d138158e41bbc4290d1d8f9ae48.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 02:18:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 20 Sep 2022 03:30:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Sep 2022 03:30:01 GMT
835951689f5eccbfe1f83a4ee3647939.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame ED81
30 KB
30 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/835951689f5eccbfe1f83a4ee3647939.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ec8c02ce1156b46862a31790e01b86c2c1c40299b2636c553803d22f566b47
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
521909
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30602
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 14 Sep 2022 02:31:32 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 02:31:32 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C7FD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
18 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=600&slotname=5628921079&adk=805729957&adf=3339997147&pi=t.ma~as.5628921079&w=280&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&psa=0&format=280x600&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644600338&bpp=3&bdt=412&idt=361&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1MpEMCWzG8&p=https%3A//cripo.com.ua&dtd=369
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:02 GMT
expires
Tue, 20 Sep 2022 03:30:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 03:30:01 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame AF7B
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89cd0d2e6f4e3c0f761f59ed18fd83e831b1c3c62397038612b779dcbcbbbc1a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0762
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d081ea3912bd6e1969df9c270453203bbc0ff87ad87e3af36ac239d4712720b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8B66
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Sep 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8B66
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Sep 2022 09:36:20 GMT
e6f40d138158e41bbc4290d1d8f9ae48.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/ Frame 8B66
84 KB
22 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/e6f40d138158e41bbc4290d1d8f9ae48.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
520380
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22268
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 14 Sep 2022 02:57:02 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 02:57:02 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ED81
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:44:52 GMT
x-content-type-options
nosniff
age
38710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 16:44:52 GMT
155dcdf3ddeff9bb6e907995757ca0fa.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame ED81
20 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/155dcdf3ddeff9bb6e907995757ca0fa.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81f5a77969e0be31aca8599391449b284d3faf2322bed3e186fcdfdd80c4a781
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
521909
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20858
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 14 Sep 2022 02:31:33 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 02:31:33 GMT
dpixel
cms.quantserve.com/ Frame E0B7
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEErTfGcOUntBNH8TJ_s-Ji4&google_cver=1&google_push=AZmPxg_dMG_jGNBmLTru42-nLYwq6YuSd9bV5BB90YYNKE96rBiPjexCa8AwPPO2Hlow_sRMegjwJErd7SiyS6Jks-QbRDalWJY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame E0B7
0
42 B
Image
General
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9u4XKs1Jr7eRw3HKMBa842S-2CMku87idnnTyYQFZS8K72AzhzOQkCbZypvdrhMM2RIzkrbR_xaogfUaFha2sjL4Y3iUc&google_gid=CAESEKr8yygSXNtAaTwa69-F6Dk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
odr.mookie1.com/t/v2/ Frame E0B7
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHMIMFgQz_pZyXrwba3VyqI&google_push=AZmPxg_MBsMI_1_PjTbQA7Ue1EWY7t4CgZFzVIsHCAeZafsg9auj_cZac_EKORRpiXwKu0zECABlqU-jOkfgplBfZ4fG6BXVWw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:02 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame E0B7
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECV-NpbhEzQG1Hcc6zHh0UI&google_cver=1&google_push=AZmPxg8K-0NXXuQv3sib5dEPxXvEItYeswKRRM1na95PqMwHnkc-MoHDiNSERnMY-3GtZ0LdHQuKL8Xro7vY6KiFhZXtNPKDB2Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
r1g49bfhskbh9nql7cp9alfccq44r33s
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E0B7
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIaXHBVPKULG09i0eOwR5Q4&google_cver=1&google_push=AZmPxg9NRk4vTOJ67-1lTwIfa_cHwCOmuGSOixxG4ZAF5fMImDbIomhiM-M_9a9EhosLCObEvho-Py4n0X7fEAIWh1g6l3Y_wcM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E0B7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOdoT7zZqI1y97ZTB3qCKMA&google_cver=1&google_push=AZmPxg9fskVuazuW3q3oumE8inuNtP3aboyeDuXOH3AG8bJmu5DZjqTyHxN2RTWBMyIy5Z9n-J1...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5TjFJUEItMUstMVIxMA==&google_push=AZmPxg9fskVuazuW3q3oumE8inuNtP3aboyeDuXOH3AG8bJmu5DZjqTyHxN2RTWBMyIy5Z9n-J1yI7chiWuyyOPptLx7N5aUUw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5TjFJUEItMUstMVIxMA==&google_push=AZmPxg9fskVuazuW3q3oumE8inuNtP3aboyeDuXOH3AG8bJmu5DZjqTyHxN2RTWBMyIy5Z9n-J1yI7chiWuyyOPptLx7N5aUUw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5TjFJUEItMUstMVIxMA==&google_push=AZmPxg9fskVuazuW3q3oumE8inuNtP3aboyeDuXOH3AG8bJmu5DZjqTyHxN2RTWBMyIy5Z9n-J1yI7chiWuyyOPptLx7N5aUUw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame E0B7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJCAdbTh5ETdA69tGmVhfBA&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJCAdbTh5ETdA69tGmVhfBA&google_push=AZ...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJCAdbTh5ETdA69tGmVhfBA&google_hm=Yykzuqd99oHM-06UxidcpwAABJoAAAAB&google_nid=index&google_push=AZmPxg-9q6p5YCbeh9FfS-D0wKDw8ZgNfIGzo...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJCAdbTh5ETdA69tGmVhfBA&google_hm=Yykzuqd99oHM-06UxidcpwAABJoAAAAB&google_nid=index&google_push=AZmPxg-9q6p5YCbeh9FfS-D0wKDw8ZgNfIGzoPViWLjxjUFolXk5vdSw93HJjKKbZO519lM7DtG3UowESXmaavfexT9i3i9N2Bs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxV%2Bvc1RAWqbExmii66PbKL%2BH%2FQqWrBAdprWV%2FmsFN7wjVbewdjfOSthKSXKxgsnJbLADCmqpxeLr2%2BLsRyoPFKRXamKiC%2FMQfsmNtmU7pD0QnTT8ehD9zjqLy7YgUuIfF1%2BvOsplQn5zw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJCAdbTh5ETdA69tGmVhfBA&google_hm=Yykzuqd99oHM-06UxidcpwAABJoAAAAB&google_nid=index&google_push=AZmPxg-9q6p5YCbeh9FfS-D0wKDw8ZgNfIGzoPViWLjxjUFolXk5vdSw93HJjKKbZO519lM7DtG3UowESXmaavfexT9i3i9N2Bs
cache-control
no-cache
cf-ray
74d77aed4e4edc53-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame E0B7
0
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1zltb3PTw8FyK8WIpk58rVrBFMpWKg-aq7bf7WTtkHbb9ZbZRBhlLkBEB6RZ8RDil51Sg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
1
mc.yandex.com/watch/86497226/
Redirect Chain
  • https://mc.yandex.com/watch/86497226?wmode=7&page-url=https%3A%2F%2Fcripo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala...
  • https://mc.yandex.com/watch/86497226/1?wmode=7&page-url=https%3A%2F%2Fcripo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3A...
420 B
501 B
XHR
General
Full URL
https://mc.yandex.com/watch/86497226/1?wmode=7&page-url=https%3A%2F%2Fcripo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A868134117630%3Ahid%3A752228079%3Az%3A0%3Ai%3A20220920033001%3Aet%3A1663644601%3Ac%3A1%3Arn%3A618600275%3Arqn%3A1%3Au%3A1663644601354618810%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663644599645%3Ads%3A0%2C93%2C73%2C15%2C113%2C0%2C%2C878%2C2%2C%2C%2C%2C1191%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663644602%3At%3A%D0%A3%D0%9A%D0%A0%D0%90%D0%98%D0%9D%D0%90%20%D0%9A%D0%A0%D0%98%D0%9C%D0%98%D0%9D%D0%90%D0%9B%D0%AC%D0%9D%D0%90%D0%AF%20-%20%D0%9E%20%D1%87%D0%B5%D0%BC%20%D0%BD%D0%B5%20%D0%B3%D0%BE%D0%B2%D0%BE%D1%80%D1%8F%D1%82%20%D0%B2%D1%81%D0%BB%D1%83%D1%85&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
c49dc1073b1c1c81d9672f9d44027ad2b8913167fb26ea92815bf978115c065c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 20-Sep-2022 03:30:02 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cripo.com.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
420
x-xss-protection
1; mode=block
expires
Tue, 20-Sep-2022 03:30:02 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:02 GMT
last-modified
Tue, 20-Sep-2022 03:30:02 GMT
location
/watch/86497226/1?wmode=7&page-url=https%3A%2F%2Fcripo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A868134117630%3Ahid%3A752228079%3Az%3A0%3Ai%3A20220920033001%3Aet%3A1663644601%3Ac%3A1%3Arn%3A618600275%3Arqn%3A1%3Au%3A1663644601354618810%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663644599645%3Ads%3A0%2C93%2C73%2C15%2C113%2C0%2C%2C878%2C2%2C%2C%2C%2C1191%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663644602%3At%3A%D0%A3%D0%9A%D0%A0%D0%90%D0%98%D0%9D%D0%90%20%D0%9A%D0%A0%D0%98%D0%9C%D0%98%D0%9D%D0%90%D0%9B%D0%AC%D0%9D%D0%90%D0%AF%20-%20%D0%9E%20%D1%87%D0%B5%D0%BC%20%D0%BD%D0%B5%20%D0%B3%D0%BE%D0%B2%D0%BE%D1%80%D1%8F%D1%82%20%D0%B2%D1%81%D0%BB%D1%83%D1%85&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://cripo.com.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 20-Sep-2022 03:30:02 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame ABCA
2 KB
910 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1543
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 03:04:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame ABCA
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 02:06:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9550
x-xss-protection
0
server
cafe
etag
715955199520789971
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 02:06:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame ABCA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
653
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 03:19:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame ABCA
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 02:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 02:33:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ABCA
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 03:30:02 GMT
026517f4e3185bf0f4d8fd76517024ed.js
www.gstatic.com/mysidia/ Frame ABCA
33 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 09:51:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13694
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 21:57:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 09:51:18 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0A89
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
3040
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 02:39:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame F40D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
653
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 03:19:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame F40D
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 02:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 02:33:52 GMT
/
kraken.rambler.ru/cnt/v2/
595 B
1 KB
Image
General
Full URL
https://kraken.rambler.ru/cnt/v2/?event_name=page_view&event_type=base&project_id=814182&request_id=1663644601.648-1324575798&event_id=753046021734089&meta=%7B%22browser_size%22%3A%221600x1200%22%2C%22title%22%3A%22%D0%A3%D0%9A%D0%A0%D0%90%D0%98%D0%9D%D0%90%20%D0%9A%D0%A0%D0%98%D0%9C%D0%98%D0%9D%D0%90%D0%9B%D0%AC%D0%9D%D0%90%D0%AF%20-%20%D0%9E%20%D1%87%D0%B5%D0%BC%20%D0%BD%D0%B5%20%D0%B3%D0%BE%D0%B2%D0%BE%D1%80%D1%8F%D1%82%20%D0%B2%D1%81%D0%BB%D1%83%D1%85%22%2C%22screen_size%22%3A%7B%22cr%22%3A1600%2C%22hr%22%3A1200%7D%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A0%2C%22referer%22%3A%22%22%2C%22is_first%22%3A1%7D&url=https%3A%2F%2Fcripo.com.ua%2F&session_id=349718916_1663644602177&session_number=1&session_event_number=1&tid=t1.814182.732461606.1663644601650&adtech_uid=2d247d17-d1a6-4656-9635-d53399a67759&adtech_uid_scope=cripo.com.ua&fingerprint=pA8AAENKs1dEGeq0ATuruQA%3D&fingerprint_ip=pA8AAENKs1d8qZMsAT5o1QA%3D&version=3.10.9&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1931110230
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
a665c69a46c4dcded8e6fc9bbf440ff6d3f5378e175f9b0e2be473004f1a1c84

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
last-modified
Tue, 12 Nov 2019 12:50:59 GMT
x-srv
2node0044.top100.rambler.tech
etag
"5dcaaab3-253"
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
access-control-allow-headers
content-type
content-length
595
server
nginx/1.19.4
/
kraken.rambler.ru/cnt/
595 B
1 KB
Image
General
Full URL
https://kraken.rambler.ru/cnt/?et=pv&v=3.10.9&pid=814182&tid=t1.814182.732461606.1663644601650&rid=1663644601.648-1324575798&fid=pA8AAENKs1dEGeq0ATuruQA%3D&fip=pA8AAENKs1d8qZMsAT5o1QA%3D&aduid=2d247d17-d1a6-4656-9635-d53399a67759&aduidsc=cripo.com.ua&stid=1654636004_1663644601652&sn=1&sen=0&en=UTF-8&ce=1&bs=1600x1200&rf&pt=%D0%A3%D0%9A%D0%A0%D0%90%D0%98%D0%9D%D0%90%20%D0%9A%D0%A0%D0%98%D0%9C%D0%98%D0%9D%D0%90%D0%9B%D0%AC%D0%9D%D0%90%D0%AF%20-%20%D0%9E%20%D1%87%D0%B5%D0%BC%20%D0%BD%D0%B5%20%D0%B3%D0%BE%D0%B2%D0%BE%D1%80%D1%8F%D1%82%20%D0%B2%D1%81%D0%BB%D1%83%D1%85&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&le=2&ct=web&url=https%3A%2F%2Fcripo.com.ua%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&meta=%7B%22is_first%22%3A1%7D&rn=33527574&eid=564646021686511
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
a665c69a46c4dcded8e6fc9bbf440ff6d3f5378e175f9b0e2be473004f1a1c84

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
last-modified
Tue, 12 Nov 2019 12:50:59 GMT
x-srv
2node0044.top100.rambler.tech
etag
"5dcaaab3-253"
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
access-control-allow-headers
content-type
content-length
595
server
nginx/1.19.4
466606.gif
id.rlcdn.com/ Frame C085
0
98 B
Image
General
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg91CbY8-G5c9-w8CMkgCnR_T2O1ptwW0IhCWMu98J9tKqSNbabOnWZGvBT0CZgHrfAEwc01XfFzzBGr4cYDDxCm86Q2A3AN&google_gid=CAESEKr8yygSXNtAaTwa69-F6Dk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame C085
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_QRAtY...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_QRAtY...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjAwMzMwMDIwMDAxNTU4OTQ1NTg2OQ%3D%3D&google_push=AZmPxg_QRAtYkIAZtvY46evGOkQ5ePS0KVpC3b_gLcYJENfFIxsx4Wb_oA28_zU7rb9HoJ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjAwMzMwMDIwMDAxNTU4OTQ1NTg2OQ%3D%3D&google_push=AZmPxg_QRAtYkIAZtvY46evGOkQ5ePS0KVpC3b_gLcYJENfFIxsx4Wb_oA28_zU7rb9HoJKlT3jKhqB1qOJhOngHukwYbhOXBoG4
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjAwMzMwMDIwMDAxNTU4OTQ1NTg2OQ%3D%3D&google_push=AZmPxg_QRAtYkIAZtvY46evGOkQ5ePS0KVpC3b_gLcYJENfFIxsx4Wb_oA28_zU7rb9HoJKlT3jKhqB1qOJhOngHukwYbhOXBoG4
pragma
no-cache
date
Tue, 20 Sep 2022 03:30:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Tue, 20 Sep 2022 03:30:03 GMT
sync
odr.mookie1.com/t/v2/ Frame C085
43 B
356 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHMIMFgQz_pZyXrwba3VyqI&google_push=AZmPxg-bEBBh25d14FbzOYF9B218Fce_-CKjuDLrZmRbF45Zrtx9QxZL_nDVp7xFSwYdj1lDCeFnQJLzO6Q_aVNfKKD-cml4PFdl&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:02 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame C085
43 B
134 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECV-NpbhEzQG1Hcc6zHh0UI&google_cver=1&google_push=AZmPxg8aMrlNoliMp12SG9c7LCCyKUWzwOIt-eHu0nkJax9HCI1qA0dijeDiucfCBa47JGKa9JxzO2puDu-MtTB75hXvKImQAmAi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
7tm2pe7s0971kohem0nttrnk6bvu6utn
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C085
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIaXHBVPKULG09i0eOwR5Q4&google_cver=1&google_push=AZmPxg9J99xCxzJJOS5iGmUm6INZe62A0Rk0i0NIUGm3zmfAB9hP32wUhM29Rolox3GQ8SrkatPBdbuduAtYKZtxw6hdS7oo4Wcp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
trk
ag.innovid.com/ Frame C085
43 B
296 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGy4_VqHb_gXW6QrnlVnuMI&google_cver=1&google_push=AZmPxg9N1J7KttUPsdZG5FCzD-EYiefcHPv59_Y8sf-DaBAAdMAHb73-f8vSk38r2BJDTkjh03W8VHgYwCwBQu1ZlKqKoleYALdo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:3f19:5c6a:796d:22bb London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:02 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame C085
0
0

attr
cm.g.doubleclick.net/pixel/ Frame C085
0
40 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KzgxYLmoR2QwiEcTIbrs1KNVc1ifLR4f8xwNRfPrD6ST8VwIVEexXw9PBiMXXvIVyAluOhmA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=90&adk=432239988&adf=2571114240&pi=t.aa~a.3760643390~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x90&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=2&bdt=1437&idt=-M&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600&nras=2&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3153&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fcaXA3648c&p=https%3A//cripo.com.ua&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 0B3A
85 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gbtgqewvqjngbj9peyx9qky69g9hmnx5hkm84x22ee4c8tecg2mtqbkjt99wfxv59g3p1cxpwnq9w4aveb5ykqa0vdse0wbxa1xmkew7hrkjc2j0j5fjmrs6d7xh7rc8dg60j498d5pfr2ga3z8tc1b6azchwj66pqa49m4q8nwc1jwj2xysjdg53vbj8fkv6d8szx9k37fxweyjj7yx04x8dybrvp4ct00897p9mex0yf8fvn6wd7yp3k7nvhmgqgfztyegpfde87fh20z6j4hvb5mej38d2trftwke1kjpqbc0n2a6sv8j5atqmx2fb0yh8wkvpedj1y61enwyxae8py33gcq1vzdh6dnacafq7p0xx4e93rpnfeb3p4b2a616j0jndvhxten7h5e2069hmz4a8h6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gbtgqewvqjngbj9peyx9qky69g9hmnx5hkm84x22ee4c8tecg2mtqbkjt99wfxv59g3p1cxpwnq9w4aveb5ykqa0vdse0wbxa1xmkew7hrkjc2j0j5fjmrs6d7xh7rc8dg60j498d5pfr2ga3z8tc1b6azchwj66pqa49m4q8nwc1jwj2xysjdg53vbj8fkv6d8szx9k37fxweyjj7yx04x8dybrvp4ct00897p9mex0yf8fvn6wd7yp3k7nvhmgqgfztyegpfde87fh20z6j4hvb5mej38d2trftwke1kjpqbc0n2a6sv8j5atqmx2fb0yh8wkvpedj1y61enwyxae8py33gcq1vzdh6dnacafq7p0xx4e93rpnfeb3p4b2a616j0jndvhxten7h5e2069hmz4a8h6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%26client%3Dca-pub-6866881496498119%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
652366
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74d77aec49c3dd54-LHR
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 0B3A
36 KB
13 KB
Script
General
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gbtgqewvqjngbj9peyx9qky69g9hmnx5hkm84x22ee4c8tecg2mtqbkjt99wfxv59g3p1cxpwnq9w4aveb5ykqa0vdse0wbxa1xmkew7hrkjc2j0j5fjmrs6d7xh7rc8dg60j498d5pfr2ga3z8tc1b6azchwj66pqa49m4q8nwc1jwj2xysjdg53vbj8fkv6d8szx9k37fxweyjj7yx04x8dybrvp4ct00897p9mex0yf8fvn6wd7yp3k7nvhmgqgfztyegpfde87fh20z6j4hvb5mej38d2trftwke1kjpqbc0n2a6sv8j5atqmx2fb0yh8wkvpedj1y61enwyxae8py33gcq1vzdh6dnacafq7p0xx4e93rpnfeb3p4b2a616j0jndvhxten7h5e2069hmz4a8h6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
577271
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:36 GMT
server
cloudflare
etag
W/"1a2552545a3303319c45b19addfd8947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBVEUWUvsSrrra4kMxuGFTl2YwOGfShBsRZcTCbjXgMndDVvjpDvJG%2BXK2ks9xybyG6UZPk5fZhmci28DR2XTOOfuY0VG4Wc55uFx%2BjL%2FWh99J3xVTSwvCGa2A%2BO7%2FUbOQwTJD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74d77aec5d6272ac-LHR
expires
Wed, 07 Sep 2022 12:58:38 GMT
sid
mug.criteo.com/ Frame F87F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=cripo.com.ua&sn=ChromeSyncframe&so=0&topUrl=cripo.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=9BIsF3xleXhQUk9kRFY2Q2VQQ0swVWRyd0pQaWs3M3VDd1JhSkphQ0J5bllqSUFrTzljZFlaQml0M1FVeE1pbFlDSUlnV1N4UE1raFhVc0pjNVFEZWU1b3dBWEh4RHRWcVllbWcybG5ON3lvL08zRnFWODJqREUrNWtHOW...
438 B
659 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=9BIsF3xleXhQUk9kRFY2Q2VQQ0swVWRyd0pQaWs3M3VDd1JhSkphQ0J5bllqSUFrTzljZFlaQml0M1FVeE1pbFlDSUlnV1N4UE1raFhVc0pjNVFEZWU1b3dBWEh4RHRWcVllbWcybG5ON3lvL08zRnFWODJqREUrNWtHOW9QVXRzVmQwNGhvMys4WVdFTk50bDBIejVsUHR4ZFB0YVNSTExpamE0dkRPbXliYk1oVEwzSGVMR0k2dWRJQnNHYkNSb3V6dHJmUkhGaUd0U0ZjbTNlejA2blEzRWI5Ujh6T2NRV0I3ZjV2ZHRObmQ1WjRUWGJVQUR1cTFGMlNiSlFTSi9tNmJDZ3d6djNySjVZZ1RvWjdnUEFsVTBwQT09fA&cppv=2
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1d8925f553cb9f142fa40b07045b8c23d6683e0189caf009d7ae8ca490711f7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:01 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2543803
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:01 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=9BIsF3xleXhQUk9kRFY2Q2VQQ0swVWRyd0pQaWs3M3VDd1JhSkphQ0J5bllqSUFrTzljZFlaQml0M1FVeE1pbFlDSUlnV1N4UE1raFhVc0pjNVFEZWU1b3dBWEh4RHRWcVllbWcybG5ON3lvL08zRnFWODJqREUrNWtHOW9QVXRzVmQwNGhvMys4WVdFTk50bDBIejVsUHR4ZFB0YVNSTExpamE0dkRPbXliYk1oVEwzSGVMR0k2dWRJQnNHYkNSb3V6dHJmUkhGaUd0U0ZjbTNlejA2blEzRWI5Ujh6T2NRV0I3ZjV2ZHRObmQ1WjRUWGJVQUR1cTFGMlNiSlFTSi9tNmJDZ3d6djNySjVZZ1RvWjdnUEFsVTBwQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
491936
content-length
0
expires
0
css
fonts.googleapis.com/ Frame 8B66
2 KB
540 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/e6f40d138158e41bbc4290d1d8f9ae48.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 03:26:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 20 Sep 2022 03:30:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Sep 2022 03:30:02 GMT
5d2621bd596ef5c2c83d009be66f5432.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame 8B66
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/5d2621bd596ef5c2c83d009be66f5432.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1b041f5710b8d2adc88aa7ee849409cfac64f18cab33a2c4b83de35844a016d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
520380
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13530
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 14 Sep 2022 02:57:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 02:57:02 GMT
redir.html
p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3EE4
247 B
962 B
Document
General
Full URL
https://p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
5a5a9a5c28686763fe32dfe8200cdb1a8aa8955b5fb339031fe1fe53521e4238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
204
content-security-policy-report-only
script-src 'nonce-TnmF3cWm-gk1K3U88quwXg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F40D
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 03:30:02 GMT
truncated
/ Frame F40D
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d14d1fc017a1c5b7220fc41a58b87ecb7815d39a1546a4b9ef320c206d7b30ed

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame ED81
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 17:25:53 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame FCF1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 03:30:02 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame FCF1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 03:30:02 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame FCF1
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 15 Sep 2023 03:30:02 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame FCF1
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 15 Sep 2023 03:30:02 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame FCF1
43 B
348 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=pabeHaRIYb2R1_pVszN_nNZuML0hA32tMijQmShUS02i_RLEmOG1gckSIqnImFb_0oh7sJYVMFLc3iQCmlEAr3aE9xapyzOOOIdytJvWkAYz_Cg68z1OWr00ciRMtnbcp1bVPa5LhDxk5st_8rsRv3kycbII5ilCxBE0M42QXdlS02lAgmQICzOflnONVO2gYgbNO87plKNhLF3aX7K2oY5bQdXXFyzI871yHhoj5M11L4IMm0_bqmQ_jY5Cv3jh4k-eP-ppaZOiyxPtQnv6QB4O9DFzyk3NOEY6M4xug1t05Kk0RnREsdYZDwkmw8LzIei3o0LzIDgM3aB4N0SMElURX9Xn1R3Dbp4fb5oFbMPdH_1qzx4uCbVEavO1jTY8iNqAVab_tnlsvucYg5yYpHPcEyDEG9KciEd6wcgbhsac-u49vHjWlxFqoRypsdUAb_6zIg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:02 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2653364
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame FCF1
44 B
752 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1663644601
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
IQJnoCQgsO94-8gI0K86lnxPCjgKzsDlWIuLqHsiKKZgd6-vuaINyg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0A89
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:02 GMT
expires
Tue, 20 Sep 2022 03:30:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 20 Sep 2022 03:30:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0B3A
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Tue, 20 Sep 2022 03:30:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28382732
x-guploader-uploadid
ADPycdvwDjW5jdr3hpmzEGdM6ocYLvnfI4_co9YRT1iPnu4DrEndoW4-i-8zZHwjrNkjFcureZIeUag3rEIRkN6YBG8
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cszBdSVeyj4y107g04OwRi4KULsp04XEYYNMoUs%2FqjTmBWx7ilhPZXQM2J%2BZM3JxSvbVDG4F%2B0qp0Zp1%2Bjx%2BQqo4wRVx0duW%2FF5lCkRpSfFYI%2BDaFyUzhkgoP03y44qbwWPyRb0wkm7AgFPr0qxj0IsN"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
74d77aee5d257717-LHR
expires
Wed, 26 Oct 2022 15:24:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8B66
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:44:52 GMT
x-content-type-options
nosniff
age
38710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 16:44:52 GMT
391f7a7a4277d1f9d837ec833bbc3a24.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame 8B66
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/391f7a7a4277d1f9d837ec833bbc3a24.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
520380
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 14 Sep 2022 02:57:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 02:57:02 GMT
frame.html
ad4m.at/ Frame 8CC7
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1720141
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74d77aedfb07dd54-LHR
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 20 Sep 2022 03:30:02 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtPn%2BgSPgpLKJkUU0FYAbj4wRM548DG%2Fxi85CttNVLTBBZhAbJ8ttSuXRNdaMHeLHOlKp%2F4Kv5hDeH5oz20YoArLWuvOrSrlpmkPmVp9g0jdDPGV%2BaHPASK6FAACZZgOzVp%2FthM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
animejs.js
static.criteo.net/animejs/ Frame FCF1
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 03:30:02 GMT
img
pix.eu.criteo.net/img/ Frame FCF1
5 KB
5 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=vRnovhurXn4L9dJqcuyx6-_f
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29037016
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5106
expires
Tue, 22 Aug 2023 05:20:19 GMT
all
csm.eu.criteo.net/ Frame FCF1
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vtACQ5h_NfHVahRzi03Wj2YSprUwvsTQrnBDHIaZfdC5rj5IoF6R5Aq1DyxWExCqW2335vonpAcXC_HNa5xNVFaNA4xUANr3jCHF3J1dQnbaZUT8xG-u8bc7fQrjiFv-8bo7vTBjrfcd1CeZU30T_cqVgeOrvmLRF2g034H1rRwriDYuh580TmJRnBKlwtbBBwoCXSK1I_tciBhi0_zYQMqbizGHhEVmzo8zMx83235oei1B8fGM8sBAFsgYFr_3DzYn0w&sds=2&rev=82759&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Sep 2022 03:30:02 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FCF1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 03:30:02 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame FCF1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YykzuQAG4wkIFVwHAA1obxoI3QI9_YxHVo_UXQ&u=%7Cc1OLKJ1qipHV9jCwV060gkQCwYchAP6SgOfXsuapGJs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at-ue5TMI33i_Zl8OSN1YZHm_icFq_UgIIdTC8ONH2ivfZ2N8ybqATGHOcirct-wJ6y_MGdW97gXQFPbm5Vs9zsaoSjDAoObxm1pJgBtgv1TIwexsWBHJ8VV9PBciW4bHaRMx5bd4IjXeZTa-5vJaeN5Eop35qR9v8W94Y05RlAtlSp4KWDDdw93alMO0KyqA8xnN3BlWG4_Z4AD6TJgkdcpTchqeAc-_vvJl5QhpFwiSbBOHAgOn1v_ixbBCtUz_gbtti5O35Ljr-TPJCg9oJxPSUZ5zr_y4H189v6wTMjhLclx0vHLl4KmssDTGRPONIt96hJ9BpAsqScDNESTcel7KtsSxFDR32G2yqbjqSkqk1Fy5x8fDANtgQH4mNCvk4x4NG_GPfjQC9tFI5NT3jJvRwJuHoakciYxSyudqe4Pmy54WkipYZodxEQXNtmdJZQUGMm661J9CVYnsiuXGJmq-br69f6uSFWrksz4jXuiph2vIeARtCJTplMqG65pibMC70wQOADYtOg7pv_JhugR6vfJDVnaPZs7viWBs3xJ-xPdh3YsFsRvk0JhmnXznH-Pa4embUrRzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJL-uTMpY4nGG4e41fAP79C10AvJntKxXM2jlvdwwI23ARABIABglaLxgZAHggEXY2EtcHViLTY4NjY4ODE0OTY0OTgxMTmgAdW20uoDyAEJqQLvGk8TYdKwPqgDAaoE4QFP0EIVy-CgV2TlrcfFfMxSEb1oUfCs2zalkmH_9OW6irkLxGxbacFrwmvJAN14lqJAt7qxTQwwtxt7c9DK9d_TEfpkvNZw1S4RUsgyEZSxVc36Avneiit_-R2ntOQOCmfxzPeiDnLKCHJCUd4VSAtsn_su1Z_EBhqQ0GMd6Rv6vg_YXvym824cbE5X1YSZpJkMZigtWXVJOZmwpqoW8DSGaqNQM4YB-QKmAUbCf5on4SxOBs1S46QPNUme_dpkC6czAjEUuz657y4ZwbqxrhtgvUmaEGjktg-1pnrnnXHz4jWABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HIVQQQn3KZITg0vxRh5Hwte5W6g%26client%3Dca-pub-6866881496498119%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:02 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Sep 2023 03:30:02 GMT
iframe.html
p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3EE4
4 KB
2 KB
Document
General
Full URL
https://p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
c1f412ae90c51e8476fe443652929b54df4a37ba31d26698da924a26ca334ba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1863
content-security-policy-report-only
script-src 'nonce-iEBlAy5TcbZeXMH79yXl2g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 8B66
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 17:25:53 GMT
rs
ad4m.at/ Frame 0B3A
1 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12779cc0ecd0ae701172382f5bf69161db0efbbe7259eb84aaf19e327563516a

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
74d77af189587779-LHR
date
Tue, 20 Sep 2022 03:30:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEYeDDZKCBE1g8EfPOHTzTZfBpLYizASolZs3JDXBMZvoqiJeZ8AXnf5j1DYkMcn9dfJpCB9O4gFU18nZMqOowWuGkwKFcirHJsRWppmwgibW%2FM8oRgBgiR6HdIRycDFIQIFlVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-2p34
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74d77af1190e7779-LHR
content-length
24
content-type
text/plain
date
Tue, 20 Sep 2022 03:30:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Os65zc3ChdUJVRCERCtemdpnC%2Fs%2FWG0iw8emrqaH%2BH5aVr8zmfLcMWBZ5voUhlrveLn7k4IzJ5988sl15DPO2bsinwZkG3Oq%2B4Oi9ut1yK0jzLrGRhWUoAg1dQ%2BG%2BMCmZKFGfXk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-2p34
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220915&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65484ec54b9e4c4c5478abf4f6f188d4f13b35a3992029f3bdadabb645972a86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Sep 2022 03:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11237
x-xss-protection
0
tracker
top-fwz1.mail.ru/
43 B
875 B
Image
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=990139;u=https%3A//cripo.com.ua/;st=1663644600817;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=20c011112a744bc3;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1663644599645/////113/113/113/113/205/156/205/278/294/281/1172/1190/1193/3457/3457/;ni=10//4g/0/0/;lvid=1663644601442%3A1663644603105%3A2%3Aa70246a8f9386c5ccf7ca81ca51ab09e;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.8191941331414163;e=RT/load;et=1663644603104
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:03 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 7ED4
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: cripo.com.ua
URL: https://cripo.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 17:25:53 GMT
rar
as.ad4m.at/ad/ Frame 04CB
11 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69c9ebee016b1fcf50e14fbfad295c5e9253007b5d9e17235057b4e920b3a14
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gbtgqewvqjngbj9peyx9qky69g9hmnx5hkm84x22ee4c8tecg2mtqbkjt99wfxv59g3p1cxpwnq9w4aveb5ykqa0vdse0wbxa1xmkew7hrkjc2j0j5fjmrs6d7xh7rc8dg60j498d5pfr2ga3z8tc1b6azchwj66pqa49m4q8nwc1jwj2xysjdg53vbj8fkv6d8szx9k37fxweyjj7yx04x8dybrvp4ct00897p9mex0yf8fvn6wd7yp3k7nvhmgqgfztyegpfde87fh20z6j4hvb5mej38d2trftwke1kjpqbc0n2a6sv8j5atqmx2fb0yh8wkvpedj1y61enwyxae8py33gcq1vzdh6dnacafq7p0xx4e93rpnfeb3p4b2a616j0jndvhxten7h5e2069hmz4a8h6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%26client%3Dca-pub-6866881496498119%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74d77af26e10dd54-LHR
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:03 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6866881496498119&plah=cripo.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 03:30:03 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4F86
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5TYlqfC3KjOZClTjHciRxABhET_vGKENAmRLxXaKhzAUUHtWjbobsmEGWuSMwFCxmNBMQBYuNSwwOl45jvm7kND0Akl1DDyCrANSJwXlCiKzudlV9Fqi38R21xMO8ei_yJnNYe8YTxU0TXz7QcoDs13F0k2KfWlNjEz024E54qAXjq5Joimrrenz8gSUf0NezDtCVW8uZYAlvER9rOKdnTyr_5MTJMNKQLXo3_51JxlFgdSSZB4ZnZA5ZP3X8YmSxlz08o6ds7mkAfkIPyNclKw9BQGal7j5amBuNu1R4y2oIegMK0aR7FvR7A8kC_beoqAjeucyzmJRmge9LIg8IrcHJayfYlr-ok60G41MTDDkzZblzU2-aETtkqvlVXIsIcITdhQbiurTBh8W8CPTtYD1lcOGPd1twg5pLdIR6Hu6hZLI3OKvZl_vcK_upE62cY-NLa3Nd53b7Grwp5nUXoc3mlosfJZYnekvBx2Ii1fymJusdnQaIm0FhgW9DyoUhzAHWe5ccuKuOwY2ai-DZXoUDzGHJ-LMLyLb-IyEKT23e7tRpV1PPwhgBj8UkphxhpEqb7O6M5JwfoEXJdRuafftksH-Uv0fX9LWMU4_Y7C13qiMjc7s0-F9woCttc6CaFIt3pNdR8tWM8rgdSHvppBLs-J_dCmA91giyhbgFlbg_v0FWbCMul1tLKrewy9ASyYUMptYGY1cXOCeNgMU6mgsj8CFQjdTtHtoLkFsXyY65htHlXVIo8HLQasRBCLRkiKbi9Ug0qcU6ioiG-FMzwqaIikRofLRKrK48TpfoBOA3YJwYAR5uGD2bfY5prLnILRxxGWh5RoyG3TUIacBAca33Naw01-VOCaDZXGIq_s6suYhzaxBoXyfs9JPh3WPAAH_bZqfj_SL74BvUu9IOkqrKm5wGj8X2R1pz1WT1QEzUd3ondIo5N1jS36SK96nAgIdha8nWYempvNSwLh9IZ7wYJvLPOmV2zKXnhzH4F6_LfKwmn7x0K2w-CCA0bLlisWEPkcmBr5wrNNyi5hrLey-opprOBAWUFvXreWHBIP6vqR6jBrbBoJyI5xnMYRaPOW9H6e-A1DUFd9dQNqn0vwz7dwMMCWsQOlZVJZEUIbfLKBVQSAZg42Q7o-Udng&sai=AMfl-YQmWAPXWGRC_uxP_pdWdU6r5teCV_A2n289JOXxn5e5mi29CymPgqqllG-XN5wpEYtjHnSdHcfQZZKBu2ApfilDYP4pmenfbyknr9vbL3rOb6VRv0novTg6ZW-8gWtQTAmXPreNwtRHjn89&sig=Cg0ArKJSzAfrnq1xVMJrEAE&id=ampim&o=250,184&d=240,400&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=782&tls=1783&g=100&h=100&tt=1783&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 04CB
85 KB
11 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:03 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
652367
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74d77af2febcdd54-LHR
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 04CB
8 KB
9 KB
Image
General
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2361198
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2yas3jwbBCz6UcloBlhgGmwneyx3mx9PZvxR6fyJgOE%2BAGRyBQ2I%2BrVuNuUs1%2BQ2HKj3%2FuCE2wN5lDG%2BuorIsiTeKgkjYdmWX7S4kYr3yQGYnECz9eigL3Q%2F3dhpYqmhbVejcpGZEfNKSYs"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Wed, 21 Sep 2022 03:30:03 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74d77af3187372ac-LHR
cf-bgj
imgq:85,h2pri
18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
assets.ad4m.at/product_image/ Frame 04CB
317 KB
318 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2361191
cf-polished
origFmt=png, origSize=451997
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
324760
last-modified
Tue, 14 Jun 2022 08:21:28 GMT
server
cloudflare
etag
"7dada3f3f6321a7ee4badc53b11da1f3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQFk1kqRSwtZ7ozlAHk5u6ODi0qiGK9iZFWBI%2BZJKtlcG%2BLnw28aNw3ko9yHDTYaHFj1smkxfxm3tQmHBx62gt5lw7hp9z7LRJX8WG4p4rLJUJgKUwHaXXdvJLdZFLiGUulSW02XXtye0qTG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Wed, 21 Sep 2022 03:30:03 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74d77af3187472ac-LHR
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 04CB
Redirect Chain
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663644603_83d1e680-3894-11ed-b2a7-22665d867147
0
518 B
Image
General
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663644603_83d1e680-3894-11ed-b2a7-22665d867147
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Sep 2022 03:30:03 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Tue, 20 Sep 2022 03:30:03 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663644603_83d1e680-3894-11ed-b2a7-22665d867147
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 04CB
38 KB
38 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2357574
cf-polished
origFmt=png, origSize=77267
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShC0y8mwpd2koflLtUtcdp5umORUP6QxNQC%2BJJCjj6MdGnUwUuYpKIXTLR5bJeaXWa8H4FnvolfFHqdsflmsjBjhUHTDKKwiTb0tfyAdmBzXj11twlg9bQqFowMNtdoZejPdkNe6mpuF9TYk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Wed, 21 Sep 2022 03:30:03 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74d77af3187772ac-LHR
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 04CB
84 KB
84 KB
Image
General
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2131712
cf-polished
origSize=90165, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0SC5t7CP9r3r2NIAlSzGZdp5bBBn6MECQJOsquMCNgK%2BXh0gbYZwIKwIyUpOZSVdsGceSsAPCMLUn1jrF6vcy776xVdUjX7BheOc7KmNNA9x74%2BG%2FuiDQI4LQQJZAub7VMUvX7ebfQ73eVk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 21 Sep 2022 03:30:03 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74d77af3187a72ac-LHR
cf-bgj
imgq:85,h2pri
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 04CB
16 KB
16 KB
Image
General
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2358336
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aO%2B5%2FDKX7pI6RG7%2BfSiC%2F03OFsBF%2FY4r168sWQTaLaY%2FEMNRxJrp0bZTfjnEeE3zG45y04azPBBVnaEbDWDDMepy5Y1RoaVjiCh%2B8vEv%2FesxdmqXqt6hMWVB%2B6nou1LWodhseuq2Igvs5g22"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Wed, 21 Sep 2022 03:30:03 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74d77af3187872ac-LHR
cf-bgj
imgq:85,h2pri
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 04CB
222 KB
222 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2360231
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTHM7G9y4Y3IxTgtw3TqO0MRrgq7a8FanHOSvbOiGZwJvcYZpGIpjE2ZwZQJYejx6D43RjnzoDe3QlHuPGA4eORqHd0OuskrMA6KRD0OvG6aYbTsHCo0ERVPgv9pYNgDqs8Y57Dhu583iyxk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Wed, 21 Sep 2022 03:30:03 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74d77af3187672ac-LHR
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.de/ Frame 04CB
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=83d20d90-3894-11ed-bcc2-2261f6323861&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1663644603_83d20d90-3894-11ed-bcc2-2261f6323861&insert=AW&&gdpr=0&gdpr_consent=
0
657 B
Image
General
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1663644603_83d20d90-3894-11ed-bcc2-2261f6323861&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:04 GMT
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
server
cloudflare
age
0
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
content-encoding
br
cache-control
no-cache
x-varnish
783496108
server-timing
intid;desc=1b9b555d40c17bc3
cf-ray
74d77af76eef75cb-LHR
expires
-1

Redirect headers

Date
Tue, 20 Sep 2022 03:30:03 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1663644603_83d20d90-3894-11ed-bcc2-2261f6323861&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 34D9
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
25114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 20:31:29 GMT
expires
Tue, 19 Sep 2023 20:31:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8D00
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d52b9e5b1b1707fefa1f1d11bad87e40b31caee48a8027948a878b790d0c3134
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0jaelxyOYzVZ-4_72UZLow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cripo.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-0jaelxyOYzVZ-4_72UZLow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 03:30:03 GMT
expires
Tue, 20 Sep 2022 03:30:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
link.html
track.webgains.com/ Frame 04CB
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g5yqas3cq1qhcw2t14nh4rge5fgjn2k1qpt982ftkeja4wj27kx7944zbqyvz25cbnfperz9xrp80bf3ws4s9b7j5ydsra61bd2hgxtfjhme0kjsyhxcckakqmhazdcvt74yn0kwzsmq8t246rs2vdydr3rcbm0pmjk70y0m23k7f2awhwgck9f3xacvrqwhab74a70jcwkv6t7gcgq3g7p68t98xjrfyeh8mwsy94q5j3y9jdx93akfkg066tjr3b0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%252526client%25253Dca-pub-6866881496498119%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.238.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
5127bc347170d273c7b2a3fc81881049f980ec7ee127f017e0f025f45af68682

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:03 GMT
last-modified
Tue, 20 Sep 2022 03:30:03 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 20 Sep 2022 03:31:03 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 34D9
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 17:25:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8D00
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220915&jk=4025851348637579&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pvClk.min.js
analytics.webgains.io/ Frame 04CB
85 KB
85 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g5yqas3cq1qhcw2t14nh4rge5fgjn2k1qpt982ftkeja4wj27kx7944zbqyvz25cbnfperz9xrp80bf3ws4s9b7j5ydsra61bd2hgxtfjhme0kjsyhxcckakqmhazdcvt74yn0kwzsmq8t246rs2vdydr3rcbm0pmjk70y0m23k7f2awhwgck9f3xacvrqwhab74a70jcwkv6t7gcgq3g7p68t98xjrfyeh8mwsy94q5j3y9jdx93akfkg066tjr3b0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%252526client%25253Dca-pub-6866881496498119%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:15:35 GMT
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
869
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
SNzJzw7JjOQbhXkk4wMR67tufocy84YbpgdFWYgjT_5QQ6jl9Qq3GQ==
Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 04CB
85 KB
85 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1663644903&Signature=DCcBPjupaKJvb3hNbfewHSqpYfJuqKxG3BM2EIkq9SPgg4RWWCNp11WyqC~zrzB-UeS2Z17zm7gA-wozvACvkpP8vsp~j7mD6EI5MYdGD0o11IHj8lYchJHiSPq7Goa8649LLyzQKAVxUTICdjzA1DBRXxMb8mYOVVGxlj85Lkgm7ekEJRDAfkaZGAXoZ1-Ptr5kglNOIruqDSBXotn-VGiOubXDwO3E4OTrZGkMeYWQlyELBdviQMmbaOoGPsGNa3auRnr5LbY5ftcRMrfOqvg9pGnOppiEqHOy~RhvEGdmf~7pdRg8bydG5tY1jDQGLY9mW5DZfepvrg0D77DUpg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=e8e3eb3eca95c2681aeee5ad589c6430%2F14917598517717395679&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663644603138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jn3r0e789ba3z2bzfrgzwtgzk02ykqqywgefqf37vcdgt4jxpmqm8xf4fnt1t4hwqa1d3kj3d0pzb5hjjpwa5661khpsw579v2q9j53mp8hkwytkkv0mc7342k994dgadkdp6kcqnta5xt0zma55z1w5z1vw1hvtgbt0hybsjvs7zvnc7mdkwvxpvwgc564z9b188gpzw4p6wj6qzw839re6t7sa05cp00qj15pmqbr32389hg1g0t3kjhmgy82ba8r35r53nesj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DChwOtuTMpY6z8Gq221fAPjZaUwAmQ4YGEXLaoworwAsCNtwEQASAAYJWi8YGQB4IBF2NhLXB1Yi02ODY2ODgxNDk2NDk4MTE5oAHCrujdA8gBCakC7xpPE2HSsD6oAwGqBOEBT9CM7LXV0sJHtoWOUZaOOGrly2SZH0Kr_z8vDjHt1fIqztO1geiPh25vFkqd73hmBG3ejkf9u4Lv553EvPGtfbdVWMR7y0_6-U0P86drBlKEq3p97CbHGaV8ybaNDVo8VB7Jubljg1bL42Ub_ohqV7knmmbzNumRnKwh2A1riHzZrqbCR-xBtAPIfEqdS1QE_hF0YajXvIjPnbnTHzfia9q99YpNTk4i3SokClHPluVHNf9fG8zUGH1NZlC-KHYL79wmfgpuwfbYDm1bcfz-uxn62ZEtUIN2J5-1kbYFBXgAgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2QCc3YORvr2ve6WFQExAj9IcEZ2Q%2526client%253Dca-pub-6866881496498119%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 09:41:36 GMT
server
AmazonS3
age
84001
etag
"92f323c42d6018008b4cf82e90ac9639"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Mon, 19 Sep 2022 04:10:03 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
86991
x-amz-cf-id
bqQHTBjxuKrMvOVlJQXG6acv5Ufn9_vtUF7sNTEkotY0pdEBml8LnA==
generate_204
tpc.googlesyndication.com/ Frame 34D9
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?yOjwQg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:30:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F40D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRy2YvWYJFonhTHVYTVmofoJBbrhcxmNIOkPU-S-gH4if3qdfexUto6d1APfh-Wggr_dWe1_tXPw4VWlk62F93-hACwfjyW8Jo16PgNCz749pteCUxusworAxI7b7yDex6q9yjnA&sai=AMfl-YQVJhwgvvJJK1fHNh2P3jrVdtS88idGri_9YcNAnhlARsipyUOO2m4Cusy8ym9QZ4CkgSNqevvU7xlB&sig=Cg0ArKJSzGpstpZm2fYcEAE&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663644601673&rpt=996&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220915&jk=4025851348637579&bg=!S0ilSAzNAAZqQh0mSkI7ACkAdvg8Wgju3vb6h8RT5jqQnd22YTFHIZyEAC-fcamKtjJ1cCcLqCJytgIAAAB8UgAAAAJoAQeZAqoZl8vl4m3hyppaE0avtH11kur5JgIad_YgSstY5BdUd9nJQ2F3vt5hDRb1PlUb5Z_1B3c7S55KYVMEpn6uAH6tEjixBbWfZBtP9bvSFdWnzvGSxbzDPvQaYvqeHPuj_ezXn8ris06NLjvwhqUI1BZRybu9OdKhq-8kK3Mu6e9WZPt0MPKVxrcdcQ0WkqT4dLCH0b-ox9VXKnQPltv2NY_e9zLmzzjELmHdAi3zwhW_WU9QFFRr-VWtrgSvbcc85PJ3XfvYvUuZzKjs7W8Nsq5vxthByKl98dNSOMYjbNl3eK_7lg-v3QsuLy3fgtclf_Xw8aN3lWaof5CuNTf_RtQDmBJiChlyHKtvzqTgCm_p_wVXJHMSYQvMthRKqiOKXr4J1d1Fk9AWGO_XpNL_u4vaDigczl8fW7o8qWE9AH_FGj69qopxWwivkUxUlwtgBxC33dX58nFR4HESImlYCAyr-yYhoSHX7AZCUMlX4NVMZC_7PGyZInB7fz8iUyyDzxa5EdaxpuIEZuNqVmJLEcNtnq2VbMSjNnl7przuUCD2_Ow83e2TJGtha98yppfgLDWm00-dCXhAIkzPxIRD51QknSpb3U6p32J0JEen_1n6jtGYOB8wS9W49rUhGi9odUJZQVRyhU2phWbU7Q4reyWRmEgu7LwvnDkz69Rb4irlvT3pU9R1sxt44jbwAcrf2H_Z9cg-8-fNUeW5oGWZIOPmFTKEfpWkZVwSVi0ew8Xzltd1DJ7wiM_ddLCPOL28bstKrqYnQjwMJO-u6gLUQIrsUhEuxb-4_TrXqn6Mye3EqYIU_MwRrJH0fyyCr1EFNVi69gxmWVa-k9MVZGWwvbgEOfex-WDV5uyamuwpUhjT30EfFkpdMXa_qR-igh1fq0JXJkvb5col38ZC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cripo.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

tracking-event
api.webgains.io/ Frame 04CB
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Sep 2022 03:30:05 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 20 Sep 2022 03:30:04 GMT
server
nginx
155dcdf3ddeff9bb6e907995757ca0fa.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame ED81
20 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/155dcdf3ddeff9bb6e907995757ca0fa.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81f5a77969e0be31aca8599391449b284d3faf2322bed3e186fcdfdd80c4a781
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
521911
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20858
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 14 Sep 2022 02:31:33 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 02:31:33 GMT
1651e19e4156ba9c441b0295aa33da49.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame ED81
38 KB
38 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/1651e19e4156ba9c441b0295aa33da49.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a35db5faffafaa894fb7f1e6b9c130d9688d0c7e9736958956f1d97ea6b42
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
521908
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38874
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 14 Sep 2022 02:31:36 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 02:31:36 GMT
391f7a7a4277d1f9d837ec833bbc3a24.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame 8B66
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/391f7a7a4277d1f9d837ec833bbc3a24.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
520383
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 14 Sep 2022 02:57:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 02:57:02 GMT
d34ccf238d4bf4e0765398db2e1d9d0c.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame 8B66
16 KB
16 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/d34ccf238d4bf4e0765398db2e1d9d0c.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cd271e1a4ae2c2a2276470d9cb8d01671929f60aaa827ae221541c91337be5b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
520374
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16534
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 14 Sep 2022 02:57:11 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Sep 2023 02:57:11 GMT
86497226
mc.yandex.com/webvisor/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/86497226?wmode=0&wv-part=1&wv-hit=752228079&page-url=https%3A%2F%2Fcripo.com.ua%2F&rn=739636979&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663644605%3Aw%3A1600x1200%3Av%3A882%3Az%3A0%3Ai%3A20220920033005%3Au%3A1663644601354618810%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Awe%3A1%3Ast%3A1663644605&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cripo.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:05 GMT
last-modified
Tue, 20-Sep-2022 03:30:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://cripo.com.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 20-Sep-2022 03:30:05 GMT
86497226
mc.yandex.com/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/86497226?wmode=0&wv-part=1&wv-hit=752228079&page-url=https%3A%2F%2Fcripo.com.ua%2F&rn=545555162&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663644606%3Aw%3A1600x1200%3Av%3A882%3Az%3A0%3Ai%3A20220920033005%3Au%3A1663644601354618810%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Awe%3A1%3Ast%3A1663644606&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cripo.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:05 GMT
last-modified
Tue, 20-Sep-2022 03:30:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://cripo.com.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 20-Sep-2022 03:30:05 GMT
86497226
mc.yandex.com/webvisor/
43 B
176 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/86497226?wmode=0&wv-part=2&wv-hit=752228079&page-url=https%3A%2F%2Fcripo.com.ua%2F&rn=320793535&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663644607%3Aw%3A1600x1200%3Av%3A882%3Az%3A0%3Ai%3A20220920033006%3Au%3A1663644601354618810%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Awe%3A1%3Ast%3A1663644607&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cripo.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Sep 2022 03:30:06 GMT
last-modified
Tue, 20-Sep-2022 03:30:06 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://cripo.com.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 20-Sep-2022 03:30:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.ua
URL
https://mc.yandex.ua/sync_cookie_image_check
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPsin4aaLFP1lUwuLoDWBgE&google_cver=1&google_push=AZmPxg8u8JEfPF1BborTY6ecYc2lsjDXFDtQ6TRQzH0kgomUlmBGSfV7vqQHrXvBnSKsK8rC_DijAg44U5LuCO9Mespt5lO5D2duHg

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer object| googletag object| adsbygoogle undefined| $ function| jQuery object| rlArgs function| BM_Draw number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint object| FB object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| BM_STAT object| _tmr string| iS object| iD string| iT string| iH number| iI object| _top100q object| wpcf7 object| ntb_anims function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| HUParams function| ym function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| MobileDetect function| ai_run_413765749165 boolean| ai_js_code object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe object| __buffer function| LazyLoad function| _ function| jQueryBridget function| EvEmitter object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded object| siCss function| siClickCount function| LoadInformer object| swv object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy function| smoothScroll function| tcOutline object| czrapp function| Waypoint function| Vivus function| ai_document_write function| ai_process_lists function| rl_view_image function| rl_hide_image object| $_to_center_with_delay object| google_llp object| google_image_requests object| Ya object| yaCounter86497226 function| Kraken function| top100 object| top100Counter object| _top100 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_130 object| Criteo object| Criteo_identitytag_130 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms function| arrive function| unbindArrive function| leave function| unbindLeave

55 Cookies

Domain/Path Name / Value
cripo.com.ua/ Name: b
Value: b
.cripo.com.ua/ Name: _ga
Value: GA1.3.2095285835.1663644601
.cripo.com.ua/ Name: _gid
Value: GA1.3.466345965.1663644601
.cripo.com.ua/ Name: _gat_gtag_UA_3950698_1
Value: 1
cripo.com.ua/ Name: iua
Value: 1
.go.rcvlink.com/ Name: cache
Value: tpzb6NDbuGv-2Bs
.i.ua/ Name: __cf_bm
Value: TywCFmVSL9sVeb25439ft_Z4GVkpvV25.1xqW13n15s-1663644601-0-ASEX2Ze7MehZTQnhCjm3cU84evbFHNdvrxyf+TTP53JpAuqcJVE++yYhrQ02z/YKa1ajC5+OKZDvF6QqW+DG4Jw=
.doubleclick.net/ Name: IDE
Value: AHWqTUnztpTqm3cco9pWTSeeymoZCyIX1w85UIzwh-BQwq5V0XL1TfJAnx1PMePTHqc
.cripo.com.ua/ Name: tmr_lvid
Value: a70246a8f9386c5ccf7ca81ca51ab09e
.cripo.com.ua/ Name: tmr_lvidTS
Value: 1663644601442
.cripo.com.ua/ Name: _ym_uid
Value: 1663644601354618810
.cripo.com.ua/ Name: _ym_d
Value: 1663644601
.cripo.com.ua/ Name: __gads
Value: ID=1f9dfa582e9e571b-22b91ad128ce006c:T=1663644601:S=ALNI_Mb_nZXvYtHXfbl8zjoBf7j6eWZTBQ
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 4149827483fake
.cripo.com.ua/ Name: adtech_uid
Value: 2d247d17-d1a6-4656-9635-d53399a67759%3Acripo.com.ua
.cripo.com.ua/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 320892818fake
.criteo.com/ Name: uid
Value: cd2d80e5-0142-4663-ba04-79f4e58973e1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yandex.com/ Name: yandexuid
Value: 445993581663644602
.yandex.com/ Name: yuidss
Value: 445993581663644602
mc.yandex.com/ Name: yabs-sid
Value: 1442428701663644602
.yandex.com/ Name: i
Value: /Yi1A8GXHjXl9LoSyy78Q1++zoLJu5k3jWqKL9H2pIJJBGSunAYZOXXUEIZsBx31iBPs/IkiJw/DZ4/daJBHyhMHOfY=
.yandex.com/ Name: ymex
Value: 1695180602.yrts.1663644602#1695180602.yrtsi.1663644602
.quantserve.com/ Name: d
Value: EC0BCQGSJ4EA
.quantserve.com/ Name: mc
Value: 632933ba-48eff-bfa4c-d7faa
.casalemedia.com/ Name: CMID
Value: Yykzuqd99oHM.06UxidcpwAA
.casalemedia.com/ Name: CMPS
Value: 1178
.casalemedia.com/ Name: CMPRO
Value: 1178
.rambler.ru/ Name: ruid
Value: 1CIAALozKWO/qeG/AbHVYQB=
.cripo.com.ua/ Name: _ym_visorc
Value: w
.casalemedia.com/ Name: CMTS
Value: 1106
.innovid.com/ Name: uuid
Value: 28f09239-e2db-44af-b69c-2ddcf339dde6-20220919 23:30:02
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.cripo.com.ua/ Name: cto_bundle
Value: _fe-sl9HU1NkdFhpa250JTJCRll5UmVQUXVPU2tocW1od2MlMkI4UGQlMkZWRzJDMVBvblhsVkZ2Z0xHcWo0Q25ISXNjcWJNRGNNJTJCYSUyQjJKZHhqSWlmbVZpQUdpdGRjUnozeGR3NzhSODI5R1NONHlXZkhLM0RWWExKUWVtZVZXNksyRTVqZ3k2dXElMkZiSmZQbDBZb25HaWZxSHoxUmhVSnclM0QlM0Q
.addthis.com/ Name: na_id
Value: 2022092003300200015589455869
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 632933ba43826ed6
.addthis.com/ Name: ouid
Value: 632933ba0001e308eeb4a93a94fda6625e2d8e28046f4d6390fe
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220920
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.cripo.com.ua/ Name: tmr_reqNum
Value: 2
.mail.ru/ Name: VID
Value: 1ZSvel1Np52C00000h1ML4IC:::0-0-0-8438c79:CAASENaU2yYQ0GAEepK9sTzkfx4aYLs-PXsovU0BW9GxRTAWsrg-zNnVNbkYGSJwdyvbtbJUoOzXF_F_U7IA_mDpUPT7eOtRiGEFbBpGh1EBTQR4aGWkuLbHfow_yLLZAdrCV6AXLhz7996nfND1Tbbp5dO74Q
.awin1.com/ Name: awpv11354
Value: 412871|1663644603|83d20d90-3894-11ed-bcc2-2261f6323861
.awin1.com/ Name: awpv11938
Value: 412871|1663644603|83d1e680-3894-11ed-b2a7-22665d867147
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1663644603_83d1e680-3894-11ed-b2a7-22665d867147%22%2C%22sp%22%3A%22awin%22%7D
.zenaps.com/ Name: awpv11354
Value: 412871|1663644603|83d20d90-3894-11ed-bcc2-2261f6323861
.zenaps.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1663644604
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: xocInABeIZMKWgKkTW8goh7nDTDVomwMu04GwCKcv6I-1663644604-0-Ac68/nO+6u1BqL7Lom3iXMpzLmljESxhS1n+oPSYEgY01SWXKJ6T20kYL7mEufVSn+RSFJvBY9MwrqedmfCPhjM=
cripo.com.ua/ Name: tmr_detect
Value: 0%7C1663644604343

10 Console Messages

Source Level URL
Text
javascript warning URL: https://cripo.com.ua/(Line 1577)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v9302&s8731&t0&c1&n352095&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cripo.com.ua/(Line 1577)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v9302&s8731&t0&c1&n352095&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://mc.yandex.ua/sync_cookie_image_check
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6866881496498119&output=html&h=60&adk=3805358328&adf=1047655999&pi=t.aa~a.1665869076~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1663635313&rafmt=1&to=qs&pwprc=5839131029&psa=0&format=1200x60&url=https%3A%2F%2Fcripo.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663644601362&bpp=1&bdt=1436&idt=1&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5c3de0c247a43fbf-228b17ed26ce00eb%3AT%3D1663644600%3ART%3D1663644600%3AS%3DALNI_MamlvWJnWA9a4vrkIJnhUqzrnizCg&prev_fmts=0x0%2C280x600%2C1200x90&nras=3&correlator=1988934572422&frm=20&pv=1&ga_vid=2095285835.1663644601&ga_sid=1663644601&ga_hid=1330808656&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773165&oid=2&pvsid=4025851348637579&tmod=1489579737&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=wHzcSi8JJR&p=https%3A//cripo.com.ua&dtd=30
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
other warning URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9766.jQxVbu40dYHRBx_KlBUoteug8oBAAs5aiDcUIc6VMMftMlkMSVnimjdC7Br-6qfPpcSjXbwfhGxeGpTbYka67A%2C%2C.474byduHZlgQbUSuyBLhgXWbiMY%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPsin4aaLFP1lUwuLoDWBgE&google_cver=1&google_push=AZmPxg8u8JEfPF1BborTY6ecYc2lsjDXFDtQ6TRQzH0kgomUlmBGSfV7vqQHrXvBnSKsK8rC_DijAg44U5LuCO9Mespt5lO5D2duHg
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg91CbY8-G5c9-w8CMkgCnR_T2O1ptwW0IhCWMu98J9tKqSNbabOnWZGvBT0CZgHrfAEwc01XfFzzBGr4cYDDxCm86Q2A3AN&google_gid=CAESEKr8yygSXNtAaTwa69-F6Dk&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9u4XKs1Jr7eRw3HKMBa842S-2CMku87idnnTyYQFZS8K72AzhzOQkCbZypvdrhMM2RIzkrbR_xaogfUaFha2sjL4Y3iUc&google_gid=CAESEKr8yygSXNtAaTwa69-F6Dk&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.bigmir.net
c4cc15f7cab4592d9b94c9aad88cda6b.safeframe.googlesyndication.com
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cripo.com.ua
csm.eu.criteo.net
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
go.rcvlink.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
i.i.ua
id.rlcdn.com
image6.pubmatic.com
kraken.rambler.ru
mc.yandex.com
mc.yandex.ru
mc.yandex.ua
mug.criteo.com
odr.mookie1.com
p4-hdrfakwaohvrg-boghpvat43xigcul-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
r.i.ua
rtb.fr.eu.criteo.com
rtb.openx.net
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
sinoptik.ua
sinst.fwdcdn.com
ssum-sec.casalemedia.com
st.top100.ru
st11.rcvlink.com
static-de.ad4mat.net
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
top-fwz1.mail.ru
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.zenaps.com
googlecm.hit.gemius.pl
mc.yandex.ua
104.111.215.191
104.18.19.126
104.18.3.81
104.96.132.42
136.243.84.74
142.250.184.226
142.250.184.227
142.250.185.66
148.251.139.77
178.250.0.139
178.250.0.162
178.250.2.146
178.250.2.148
18.134.23.117
18.66.147.120
18.66.147.89
193.239.68.97
198.47.127.19
212.42.76.150
2600:1901:0:76b9::
2600:9000:214f:6400:1e:a43d:b640:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:3037::ac43:d2da
2606:4700::6812:7e05
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2004
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:806::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9a
2a02:2638:1::4
2a02:2638::1c
2a02:2638::2
2a02:2638::3
2a02:6b8::1:119
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a05:d01c:1d8:8100:3f19:5c6a:796d:22bb
3.11.238.206
34.98.67.61
35.227.252.103
35.244.174.68
69.173.144.138
81.19.89.18
95.163.52.67
01ef6ebd6eb1681f764ebaaca655e0fb590967176f2df5b3fd9e67e1bd525ebe
021d98c8bc6675e473a27c790d9300804714d543c7575cfecd984879b7be2a5b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a034061196a92b75b0900de7d7528fa6663d0364ff090af88e1d81a9029c557
0a11fa6fe41575f726580a25425b78c1fb7af65967c61cf230e440734d078e2c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1398670a1fabd16ce06d8e7e4f4c113a5e6bb1e89fcbab5cd8ded8cdb95f8d
0cd271e1a4ae2c2a2276470d9cb8d01671929f60aaa827ae221541c91337be5b
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029
12779cc0ecd0ae701172382f5bf69161db0efbbe7259eb84aaf19e327563516a
14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af
1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad
1d8925f553cb9f142fa40b07045b8c23d6683e0189caf009d7ae8ca490711f7b
1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2801bf17304ea0c05b50af0c2adefd7953b93b6f5b4f1419c145126e6daebc9b
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30b4b5641b2430f0d935fa51e79cd8f19876b80efdab2c3c9cd75077086d4281
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
315d7a002dd3d80348d61978de068e5fc863ddd9850859f454c24d52f3b49a4a
3211eb6a4da5a6c8c5bf408491f53c2fa4f2a650842fe7ec8b1d1f08ae2a92e1
33b743f3d52c003790ea9c00504d0642c718ddfe3756aa5ae1d0d3c8f2dd8859
3430421ad94660d1b69634985637bdae54fcde889a0910ee7474f353b00a449f
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
363aab6057a43e9d7e3b9447718d48e28440146920dab17aafac9c5779314893
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
38d3fcebc202a24d848608dd8e39613b37107cc9809c2c196a2fc5c79bdb9737
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
43d1db47c32098848e3f6a32a39d8f50a9e91a25d4e5ba8f63daba275e6557d5
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4be34a3fff1cdfcb21d709e93b852f611536ae1d68fc0c165b87544a27e078d9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f18eaf4ecf86a83188e345382c85495e4ac458d65cb6c81410fc754139dffa2
4fc789e1449dfbf30b50b834d0e723bd180b207f249a77296bd2850d68b97b13
5127bc347170d273c7b2a3fc81881049f980ec7ee127f017e0f025f45af68682
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ae8084a1f412356c3e67087d606170c4518a5dc24c871fc925459686c5b6cc
593416dcedae90588e05c3ecdfe88cdc495a5f7e1667d3e86621e4acc4065b62
5a5a9a5c28686763fe32dfe8200cdb1a8aa8955b5fb339031fe1fe53521e4238
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fb840b5c052f6f9b072cd6f1615f3035afea2fcfafcbe926eedcfde3b3b5742
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60e1e742032df2f87ac2a39ed149f3a1deb14f85de5bbd1be5eb487237954348
60fe3d31fa37d2b79b59e2047eee2698289c35bd367607991f5b3ba9d4e7401c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f8d8680396eedbe81ac79acd3ad154606cd802314ac8614071f8725317ea8b
63138e0b1c4fb2d044739cbff9980fa61b99c775cd7a80e5446e03b777c3f40c
63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac
65484ec54b9e4c4c5478abf4f6f188d4f13b35a3992029f3bdadabb645972a86
65c0903e672ee977de66abaaa4902a7653d4aa0f72c2039071288e19c0e0cc45
699f43621184d380dc3c696b3835f1f4b36cf9574e783479fd35abda4917a18d
6a761d6674aeda2473573feb14bad841b4c9d72fdb0bcb4a6de5da5e71d3005e
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6c886518dd2d1f700b72d1339199c5ab235e348f81e6e95c870d2f34cea4271e
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73dd3dbe49b49c3d8d6ca6544f27751ef702ef7e2875c00f78477623365bef23
757727f42ed75849123b613ab4c6badc0448c1e6e4d5e3d2de8467eb626bbd2d
81f5a77969e0be31aca8599391449b284d3faf2322bed3e186fcdfdd80c4a781
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8718a8ae273f7ac06037cda9b076b360804967e83503832278cce84e4f6c5b78
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89cd0d2e6f4e3c0f761f59ed18fd83e831b1c3c62397038612b779dcbcbbbc1a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d1f31ff7a597584e1bd725247306a107e19878cfb3dc97eab204f9f1bb0621a
8d799704b0a38edb781472fd351fb6adb4a28bac0a74601d821930a6330f476f
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
920bfe66ce4bfb06c7abcc11a3ed42da28a2219cd7ef1e89c29c72b458f57747
951a26fa91dbd08b27f272212dcd15550b88090ef63191e9e9824b3b8c2cb194
9564785137d06810520a77aa69eed7ee9ba74573ce69a42d1aee2c5cc06278f1
9729e74cb0a9b72d7be4a9deec8df6af91f2aa75da3676e67818b532548f85c5
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
97faf1152eeadefeadbe043c69b18b8cc22dcb3f32ca914c57dfd69f3e2d67a3
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
98beb24665ffbb12739a80744daae9449bca18e8ab4cfc3fc0fc10f259bef71c
99caeac50da5f65990ace453a7dd0741437cdb8d1ac3a6404563b0670837d689
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af11a37fd6c3c92a3a2f6fff785629f76cb68f87a7d0522d2ebce5792fdbf81
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9c988ac9fd0c8a272e5affd027eb2a0d6177b195ac8a1a70adc1f7edc63943e2
9e132e6ec1f3853fe883cd3eb4e56a97ef75da3de1f47c930b83a5e70dc886c5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a097f145b7b5399d1f8e9c86b6f4a36e43f5553fa77c7b2951504731914535ad
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b
a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a665c69a46c4dcded8e6fc9bbf440ff6d3f5378e175f9b0e2be473004f1a1c84
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b76c6d779e3dec06b163f6e16b35ad76f0bedb69e062097c81cbce7e8e3da1
a8b6c000b75872a412d566f65e3e36c99361760afa96b8c9ed9f6aea16440f25
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ac4a35db5faffafaa894fb7f1e6b9c130d9688d0c7e9736958956f1d97ea6b42
ace8e55eea47859364b4a2a7196c07565c09b48210b2744ed6ecc0475c2c97d9
ad2aa3b0a1227c41bcf3ffe60f4c56d6319c72b93fd69639848a994064541984
ad7b38d9f963e0eb028bda9b8394ccd0077fc06bf69fe02675943b2f9ff0e555
afc0cabd52e86caf0a51e8bd639b9df3a721fb57f439f7ddd3cd64502b67c578
b0d9a43a44410166fc5ff483dace5234c3d9e35e190069b1b974ef505df89753
b10852e6b7448dbd73eed91845674c0db1a9a7ee23c3fd3f494a2c422d7cdbe2
b4313f0c5455136f3863bc16dae6bf769d6610d0ebec6e11889a317ef7d7607d
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b7ccc2fd2fd17880f18c52a16258e3d72a1e343a13c197c67eb8d150ac09c677
bb75e418092f5a928f36d07d6596a96a254bc5aa288c519a9323c301af3555e2
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
c13a53c095336964ba6af0a1fd345cb472efc936e8fbd9631e6b4269b5c63028
c1f412ae90c51e8476fe443652929b54df4a37ba31d26698da924a26ca334ba1
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c486ffc0510a5d3933862fa223b0c7a1086aacbb5974df77e1c373e733b8364d
c49dc1073b1c1c81d9672f9d44027ad2b8913167fb26ea92815bf978115c065c
c69c9ebee016b1fcf50e14fbfad295c5e9253007b5d9e17235057b4e920b3a14
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a
ca06b7508ef7e06b86990be1ca7678bbe8eb9dad5b64a0d99161fb3652cba28d
ce6c3dfb0967b3e42954ec52e624e51c001f0bdec4d9d42dd40f6d2b010f9d25
d081ea3912bd6e1969df9c270453203bbc0ff87ad87e3af36ac239d4712720b8
d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852
d14d1fc017a1c5b7220fc41a58b87ecb7815d39a1546a4b9ef320c206d7b30ed
d396df02b5d1618cfdcca3c3bb68241ce7ced903cd5d3a50604b51821bee86d8
d45d97cab59d0128bcc90122ca81806553e93bdbc8f10e5cd9ab465ccf752573
d52b9e5b1b1707fefa1f1d11bad87e40b31caee48a8027948a878b790d0c3134
d52e9f8340096981f73fdc65d947526ea068bde2028d337d6a851b1e9c59b448
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6d8092d1133ef491dc0c3476fc32dddab0f57d9516633db6d077adc91dfa481
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9af71ad7c3ec136a3c382882e01e0fdd88be977510f5554ddac07e616c5931f
da11cbdb16431e70f4718401504d7d61e6a811e9fc0ccc5f386d2c4aff429040
da17b5f5a32fe9152de843380147c3166f3bd6544cebe5653d203c8ab067a36d
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df9a3af430a8f9342eb4fa2727286752c002722b2e44179f281a0da69a71e0de
dfe06d200a4963b3da08554d4f1e769a11a84193228432758853b7d963c04e84
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e1b041f5710b8d2adc88aa7ee849409cfac64f18cab33a2c4b83de35844a016d
e24012a8bf63772abdef07918b0a3d158b39be2ccd2b3ccdcc68c9d4830357c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ec8c02ce1156b46862a31790e01b86c2c1c40299b2636c553803d22f566b47
e5124be9d33d058bab6388a40569f746a47d2569752dcc28c68e979d15a15e78
e794bd981fffa3ee68b3d2b7401af61390b1cf15cc40780ccf01624c75e65c21
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7e22afffaeb2ebee859d3de23029aca228b10f5a905d2b93f73e998275db85f
e80770517ccc4f80563fbf11a0a8ace35fd89a2e276dc090c23b73b16e157fa8
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
ed8b1dd84b3d8427bacca74cf55cee3515615326b1c6b1351864dd2b78da3ff5
ee43cd8989e72cae9123bb66e2d229ced30da9bf271bf682b321bcecf4f2e01e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f210248157545b87cc05b38b166eb398bd8a5e5795f3c7eaecd683e535d5922c
f26f86b01471869ef323ffd41a98d4561975d524a1c45818300ec6d89b99daf4
f5971000c8e746b696100d9953e1904039ebdbd62bcc4a2e368248dcfe6c7312
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fcdd3aeba803256ef93e455ff8a4fa1f3ef4a693fa622aec7b637f353b14dc90
fd3916ef1e360e08a918d339ffab15166f25be3095d900e02fa1f3ca0f4324f0