rebenok.cn.ua Open in urlscan Pro
161.97.175.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rebenok.cn.ua/
Effective URL:
https://rebenok.cn.ua/
Submission: On October 19 via api (October 19th 2022, 12:16:45 pm UTC) from GB — Scanned from GB

Summary HTTP 193 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 25 domains to perform 193 HTTP transactions. The main IP is 161.97.175.26, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is rebenok.cn.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 30th 2021. Valid for: a year.

This is the only time rebenok.cn.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	161.97.175.26 161.97.175.26	51167 (CONTABO) (CONTABO)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:350... 2a02:26f0:3500:58b::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3 23	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2607:f8b0:400... 2607:f8b0:400e:c0a::78	15169 (GOOGLE) (GOOGLE)
1	66.102.1.156 66.102.1.156	15169 (GOOGLE) (GOOGLE)
3 4	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
3 3	3.121.8.30 3.121.8.30	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.248.56.90 3.248.56.90	16509 (AMAZON-02) (AMAZON-02)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:11::7	15169 (GOOGLE) (GOOGLE)
1	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
2	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95	16509 (AMAZON-02) (AMAZON-02)
2 2	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
193	34

24 161.97.175.26 (Düsseldorf, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi859577.contaboserver.net

rebenok.cn.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:58b::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400e:c0a::78 (The Dalles, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 3 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.8.30 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-8-30.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.56.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-56-90.eu-west-1.compute.amazonaws.com

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:11::7 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r2---sn-aigl6ney.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.76.200.221 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	668 KB
47	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 bid.g.doubleclick.net — Cisco Umbrella Rank: 444 ad.doubleclick.net — Cisco Umbrella Rank: 185 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	270 KB
24	rebenok.cn.ua 1 redirects rebenok.cn.ua	887 KB
10	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 78 mts0.google.com — Cisco Umbrella Rank: 4659 www.google.com — Cisco Umbrella Rank: 2	1 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	133 KB
8	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	7 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	313 KB
6	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 482 rtb0.doubleverify.com — Cisco Umbrella Rank: 703 tps.doubleverify.com — Cisco Umbrella Rank: 502 tpsc-eu3.doubleverify.com Failed	131 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	62 KB
4	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 933 r2---sn-aigl6ney.c.2mdn.net — Cisco Umbrella Rank: 217575 s0.2mdn.net — Cisco Umbrella Rank: 273	1 MB
4	rubiconproject.com 4 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	2 KB
4	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 671	289 B
4	openx.net rtb.openx.net — Cisco Umbrella Rank: 1521	543 B
4	quantserve.com 3 redirects cms.quantserve.com — Cisco Umbrella Rank: 729	2 KB
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 584	630 B
3	agkn.com 3 redirects d.agkn.com — Cisco Umbrella Rank: 651	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1445	1 KB
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 987	417 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5147	914 B
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 278	17 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 394	8 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1565	296 B
1	adsafeprotected.com unified.adsafeprotected.com — Cisco Umbrella Rank: 1821	18 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	699 B
193	25

	Domain	Requested by
34	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com ad.doubleclick.net pagead2.googlesyndication.com
28	pagead2.googlesyndication.com	rebenok.cn.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
24	rebenok.cn.ua	1 redirects rebenok.cn.ua
23	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net rebenok.cn.ua
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net rebenok.cn.ua
8	www.googletagservices.com	googleads.g.doubleclick.net cdn.doubleverify.com www.googletagservices.com ad.doubleclick.net
7	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
7	fonts.googleapis.com	googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	pixel.rubiconproject.com	4 redirects
4	image6.pubmatic.com	googleads.g.doubleclick.net
4	rtb.openx.net	googleads.g.doubleclick.net
4	cms.quantserve.com	3 redirects googleads.g.doubleclick.net
4	cdn.doubleverify.com	googleads.g.doubleclick.net cdn.doubleverify.com rebenok.cn.ua
3	ssum-sec.casalemedia.com	3 redirects
3	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
3	d.agkn.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	e.dlx.addthis.com	2 redirects
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	odr.mookie1.com	googleads.g.doubleclick.net
2	r2---sn-aigl6ney.c.2mdn.net	rebenok.cn.ua
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	ssl.google-analytics.com	rebenok.cn.ua
2	cdn.jsdelivr.net	rebenok.cn.ua
1	ag.innovid.com	googleads.g.doubleclick.net
1	s0.2mdn.net	ad.doubleclick.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	ad.doubleclick.net	www.googletagservices.com
1	gcdn.2mdn.net	1 redirects
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	unified.adsafeprotected.com	imasdk.googleapis.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	mts0.google.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	tpsc-eu3.doubleverify.com Failed	cdn.doubleverify.com
193	41

This site contains links to these domains. Also see Links.

Domain
invite.viber.com
www.simplemachines.org
spmod.ru
www.smfads.com
www.createaforum.com
smf.konusal.com

Subject Issuer	Validity	Valid
rebenok.cn.ua Sectigo RSA Domain Validation Secure Server CA	`2021-11-30` - `2022-12-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
wrapper-vast.adsafeprotected.com Amazon	`2022-10-18` - `2023-11-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-27` - `2022-12-06`	2 months	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://rebenok.cn.ua/
Frame ID: 2148029F1451B726136AC200B5ECA781
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20190131/zrt_lookup.html
Frame ID: 0E684EE21D106C50BE578A1A22B3BE9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&adk=1812271804&adf=3025194257&lmt=1666181799&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frebenok.cn.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181799798&bpp=8&bdt=429&idt=339&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2552228943737&frm=20&pv=2&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=396
Frame ID: 9A0244935D504CBE481C4FCB0E79C9B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=280&adk=4144480424&adf=3594046531&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=1200x280&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181799806&bpp=3&bdt=437&idt=399&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofUOYT87Bm&p=https%3A//rebenok.cn.ua&dtd=406
Frame ID: EF3A22711F09D2CBBA13F02D72D81B47
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16
Frame ID: A7EAAE377E1CC187194208993A024D17
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=83&adk=1704753671&adf=4039964389&pi=t.aa~a.2099106092~rp.4&w=1126&lmt=1666181799&nsk=c76d1a55&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x83&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=2&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600&nras=4&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n8lCS3QYxI&p=https%3A//rebenok.cn.ua&dtd=20
Frame ID: A3C8E20A3F19DE5BEC1B6C1BD8AFABB4
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=1642762165&adf=2692237670&pi=t.aa~a.3594524556~rp.4&w=1126&lmt=1666181799&nsk=4586be61&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83&nras=5&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6vgF0mfwS9&p=https%3A//rebenok.cn.ua&dtd=24
Frame ID: 01E3A0B1976061EBD72917A0A59CC536
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=998214637&adf=3494539017&pi=t.aa~a.69130693~rp.4&w=1126&lmt=1666181799&nsk=83503ade&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=0&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83%2C1126x80&nras=6&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=3469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=C986kInsZ4&p=https%3A//rebenok.cn.ua&dtd=26
Frame ID: C55C1657C356940E11EC1AC2EA891C2B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1
Frame ID: C1E0DBD89ABBF70A0C67DE9A0B78061E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js
Frame ID: 8CCA787EB0B358E58C2BF1EC4DF659FF
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhjt5IrOATAB&v=APEucNW1dU-AjJgekCCWcKixDTTi3o_I0yY14VOus0JnPcrLwPflryA5uvobUChibPnDvtVrlD0VpyMi5fIBAXbig9y1mJ9B3xC7RRr0Erkfe_1pL012zFvXTBjlnFymgED7v-baxL9CGud_qxHlrnVCNtSZeBkmMZGdJsp_LH2Uqc2q586QJLM
Frame ID: 305E3F3A40E42D786DAD5346C68ABEFE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxhVYvPmLvTx24RtK1AsHnlt35KeWY4UjKptWzSZQMH7UNDurzpnGK7C1mmGSTJbsC1_mVU8mE1tt_7WK7vrKrH4uRTWXpl8lKtLPuXBVmc1LBONeqZfsXM_EGEyOM3S8Zm1JQrB0kVTEe6QygVk4O_T4SrLssPht_6zwnAguahvlBHo0&cry=1&dbm_d=AKAmf-BppE0uBcv3bgdL7IQOV6WVDFckELrRe4mVrewie5N6mCO6ChgaXB41XiOq_9nVsfH7xUNsHXK9W0tcxdO4OqKi3NL2PcS6zocF5kBbomTZ01eY0IB6ddZtcfXBwRDLSd31rj004_gcQmnDwnS8DtN6QlhH8kdIurvAGtrrThgQ5XUe0BqygliriOu942BGlCy64AMA5-BtAZ0XI5udDDzDXtdFM4eyAuTXOS-ydPK3TkbYtSNPzd5MnpYzGNl7CEtx0tk3LTiHApdINvMCAmZcnQAEWWAI7bIiH6y7oj-xTU7dZMmne9yNvfjmxZcaaNuN0BPhpngZtYV3exqT9LoIE_O1BvmSb06KNkKUZdaVbfMjfGv30xgoaptqWuWY5fIn48cOj0SX3Ta2YvgvW5Gqrt5NCIDT2ff_yzq1YC_PEtaZszCNprTPgN6tCnpNsebhl_W5VLAD1Z_ax0K0UAW526Lk0tftsJylUibzgGQCYdj__f5Nrbw1CN5Esv15RyA84bAsr7M_aGYWK7BZ9yn2rNCArO2KUO2nG2KNh2n4crfpYzdGFMeZhaSQmsMOo0YrazkKuhBtbisQJ7loraqJBWl38aQx0wjQr19Ht3HpUvyUJjVajeL8tuUf6WR5hIzH9-8SYrE7R1Ie-Z2johT9cJzyEmkaT2gZ5DE4bwSXiVGHizTqiAKEUn81vVb8v-SEWI4_IhUY7q8BaY7XCR4M7wpiIZV6jvhvVLSCpHy3DN6H8i7wBSX9IpkXj-NsdyzIR7Vh151Rp1ZOHskqzD3EI86Xz0UCqHe1xdx0zuRvJ3iFlKuxlaaG3ZbbU5iaKFxv8AcyibHPjw98swFMDRuSTGv08KNcTvtwDpgQgip9UWYRLS1o_UFPOg1pAuuRJ_ONKrcndNzEyRdxspvrHznAML18dpV_q4pvmIbSQwtJnicxAzvDB2XEb9TrNpU1vMHRoaZDKAL0CpgN11OXRWybpUU_1SPMF7ew48jc0J4vPxkhQy1YL3b3cEGixPoMW3hx2Tx6wqhcuZISEXPUMh3Lpw3vgq7R5xL2hXQg3Px8uc9_ETW7F9kDR6d4M596T03cY3ERLFjB5cZSSOW7pMNIwcEhI9K6_9u_AOnBJTrZUYYI77Wb3AIregwUfnivPdQDgt19pGlqPCDzGeE1_56jstTG3P7IMrjSgmElQSd2K836lbgmYQnt8rjjJsu-E9sdjn_8eu-YVXgCKA3pKfZ9BOHkTMFCfV6WEPgae6MFeZFaKjz9nxO5Sth9ALv0Z39jlHm7YXYqdNZS_9W5-ARPffFskabf0Xhf2NAe3LSxQBThHZDgLdNp0ZtlSDyaEmaexnjFx9AdcJWASwautsePIJOFU69Lw3rlKnRJpQeAbGcI1tjy_jQos6aiucxQUuxdbZkZtU4U-Wtg5hQ6YunZDyLeMuYEoqOsdCHY8Ngp2hkRSytg_ORiH76s6b3ZxvBJHsUtWR5qC6rpiifZQaMXdpZF5wdmZIbMi4jJa7DoJt_pgCsPxtbK5NsEQpFZAlZyfBt5yquu6yi_z8Tcx6ujJjDIMzlninusOHWUWK6AVkeUfVK_Pm7SduLMBKri0log4FKQ1RuChF-J-cYFzWdJz2mlgkEOXXD6ldLKpAp9ASELg30DNfiHedX0ZTFSqDExlFioXLijXh8l8M_Vfn2v7jUmjghHIRt8V9O8qKSL9Z5jfV-0yjK0WIAaMk7g18dvpWC1A4CsoitK3pwh5S-lH9xriW5qEGuVnMT2bKSzOUWCp9tHTFPuz0qK4orTyVEPgXr_8rLFqOOpzyGkonPYwip6V8tmY-Fvey1ySe_OgbN1pTsviooz9ISpu0JYuqwjbpak231VweVVsMv1Drt2dGTTJlGwwZvGKoLzzCk52IOj4Gm8yixLZcQvzFUgbJc2tplIKAAEQjHgCDeFzr-Vuqwq9XcNIwDbpE5HVvWmfgv4WaOcFDrmpvHjJF5mOzKtqwOV2PiRJJx8qkzLOL5J_ySLrgg0A9AGIoQr7pSb7x7VDWYriKqB3tEYkvrgfw_bMycg8oqPS7AARhZVXtJM5wb-IlwR8IaHbk09X2vcLHJqafwpxR0cJkP_1lOmSE4gZYuWKluby47FdSQO0GPsJNfkvGEABHUie4VPv8ZfZIAkNfC7NT5_ttsIE4tCbfOQV2GpD8tg6-EIBlpdWAmJP8xptJRidXAbv-Ghqa688ztEPFDoy2AvZ1nJn-6Go5N4nhTFY6hY7O_SLn7gAUjfVzRdfrCnGKQlV7VQ8Ba3YzYEAfsZNK0izJYSjGvw0QwBbKb49GoahKyOtl3fjb4vdD0BYHGmhlUinXLQZPLqoXGazexNxkRCdlU4bqLex1mcZeKHZOCaZRjPk9drJGpLfB17bYnJ47ulVSroldcA8rgl_8T6R49wEr9x3Mj-6kxrfApMvnIfm6HnKejmm9LI5uuoZ74U7UbEYLkWN7yW9gLpAQKOqA-MSdpfn03WmMtJ2xL_lS1Y08MO-I4F7G69Hc2OjlE-zIx7Pfmp-9Eieus01LgS0LRuIRfpZtZEo42Axqv5T6Y58lc1Zi6vNl2pdpkia3aGn5_jPtSKXInu8shuaVWPnJexbhiPRC64fyds7GPE2B3P_t_EOrZqdkGyEqxs36kcLBulCznMhTck94tF71oVylCZXzKk7fIU3eKk4Myltm2UPD7gV4P5dpeEjWZqW7A7EsxYeN8u-FPHRfhYnITx9_z6o7EoQJnp6RRFsILp8YguckNdAN6oDEGctjkNQsDKgIQzFXhhQ_kwJX1gL16Hi0m5Ej-v5_hawoYX_X5escj4tOe9DXamHY7NFJbtuf3OkF-WfzURbRx09iz3iwvw7tIikfD-ubv8RQtZLWe8TWjLefwXLNfmcPlJ1ofXiqnvRMV66AEZ-uefrjCJpq4&cid=CAQSPADq26N9bzLD6XjvtVUCiU4fmqZFcXDhOdWW7TuUz3C3n2JwICuMo21Q9oczwXoqpBFVNkm6FWfZTcMAvRgBIA4&rfl=2%2Chttps%253A%252F%252Frebenok.cn.ua%252F%240
Frame ID: 03A5E60E00860C0FAAC4B60653041151
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AFEA9A7E11ED84B4ECCC41A2A48B4ABF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3669540542F24B7917CE433A41B6856D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0522D8D32D4A7009CD60A8FA5D8F32B0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3F9F042EFAA432EFC7AC1919F5C90033
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=91.268;sz=160x600;u_sd=1;dc_adk=497053800;ord=1lpl9d;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Frebenok.cn.ua%2F$0;xdt=1;crlt=7a41SaZ'lR;stc=1;chaa=1;sttr=55;prcl=s
Frame ID: 7B40941EA7EFB292DDF9FDB3972883CA
Requests: 10 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: 83EB8C09E1533D261ADAB1D09B62EBCC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0E4553331B6A97BE457539A0970528AF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A15155A14223E66A5F39F71C3B96188B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: 801AED572EC0331EC56350AC828DEB62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6A124ADC06E68CB3B8255B06B411AE31
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B37B04247678F6F3F4D975127BF9137F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3F29A79C843A60E8C2A193767AE2C6B5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8A2861D3D8DDBCCA9FEA5100CF1B11CD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: DBA480D9D9C1A108DECEFA2962EA19E3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: 0AC94A31115F8B8C0E8A0E3E30489979
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: 894C5154D903B2CEC60BDA20B4ABF357
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: 4E636988D82326598E219001F04ACB60
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 518F6B824A59D8160C00998042AD1391
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EAAD7A6B47E3E97A3FBFD98FDFAB7CED
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Чернігівський форум про дітей - Головна форума

Page URL History Show full URLs

http://rebenok.cn.ua/ HTTP 301
https://rebenok.cn.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

193
Requests

89 %
HTTPS

55 %
IPv6

25
Domains

41
Subdomains

34
IPs

6
Countries

4000 kB
Transfer

7057 kB
Size

32
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://invite.viber.com/?g2=AQA%2FSVgGGfQUBUxI48I4dhONjGo4qWtUZAp36ivYh9QxYbNs1cyEd7TZrTrmoEDz

Search URL Search Domain Scan URL

URL: http://www.simplemachines.org/about/smf/license.php
Title: SMF © 2016

Search URL Search Domain Scan URL

URL: http://www.simplemachines.org/
Title: Simple Machines

Search URL Search Domain Scan URL

URL: http://spmod.ru/index.php?action=spmod;sa=help
Title: Simple Purchases for SMF 2.0 beta 7 © 2016

Search URL Search Domain Scan URL

URL: http://www.smfads.com/
Title: SMFAds

Search URL Search Domain Scan URL

URL: http://www.createaforum.com/
Title: Free Forums

Search URL Search Domain Scan URL

URL: http://smf.konusal.com/
Title: Smf Destek

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rebenok.cn.ua/ HTTP 301
https://rebenok.cn.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_3Uf4GtRSUt0ksG2ApIOw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_3Uf4GtRSUt0ksG2ApIOw&google_cver=1&C=1

Request Chain 90

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0-qqV.fWn8Ni9--9XqxmwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_3Uf4GtRSUt0ksG2ApIOw&google_cver=1&google_hm=2

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN15GiVXt32Ae7Vv4XAK63Q&google_cver=1

Request Chain 92

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE4MTQ5NDI5OTAzNzcwNDc3

Request Chain 112

https://d.agkn.com/pixel/2175/?google_gid=CAESEP5ifbXD5aiokCVe6LfkwnE&google_cver=1&google_push=AZmPxg_FFTuBfBg8fr379xfPiQYXLCZllH669gvBDJypD3iCObxgFRZqepyQ4GgC34goz0h1m17oBgsIR3ZjV-Qqjs0VeVvaPLg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_FFTuBfBg8fr379xfPiQYXLCZllH669gvBDJypD3iCObxgFRZqepyQ4GgC34goz0h1m17oBgsIR3ZjV-Qqjs0VeVvaPLg&google_hm=Q0FFU0VQNWlmYlhENWFpb2tDVmU2TGZrd25F

Request Chain 113

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_GzxCTNwrKrwVSm9CdiYGV471SwO3RJxxlKaxPo5D3RoALFtfCy7l8U4t3baI4LGfeTZTdIrnqUeSwwwgd3zppxZCuQR4&google_gid=CAESEGDi76QCCPZE_ApsXYvgox4&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKnVv5oGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWm1QeGdfR3p4Q1ROd3JLcndWU205Q2RpWUdWNDcxU3dPM1JKeHhsS2F4UG81RDNSb0FMRnRmQ3k3bDhVNHQzYmFJNExHZmVUWlRkSXJucVVlU3d3d2dkM3pwcHhaQ3VRUjQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMlJYbHhnYlJlNzBNT3RRamotR3ZlSzV4SzJhb2VMYUVkcmg2NXlsY3RHUQ==&google_push

Request Chain 116

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEILgLROVZnVr2ruMLtZsVz0&google_cver=1&google_push=AZmPxg_JtqdRE7nY7fFN8NA4PZZYQ5brp4Nsju88OJvwB6_LYlkaf57crS7iJMTFbmO7m1IImsgXj9ClUMeSfuQ2Sw1ivywTgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JNkotMjItTUQ5UA==&google_push=AZmPxg_JtqdRE7nY7fFN8NA4PZZYQ5brp4Nsju88OJvwB6_LYlkaf57crS7iJMTFbmO7m1IImsgXj9ClUMeSfuQ2Sw1ivywTgg

Request Chain 117

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJvr2AhE4bviASMqAVDXooM&google_cver=1&google_push=AZmPxg8F0oAGpZiLYIamPsPgHk0tebQAUfeYgtndOuLtRl8NiiYe90Ex0nZi29ty6En3b1kCw7HaUOnF3F1dkHVQ8ME2sgsEdg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJvr2AhE4bviASMqAVDXooM&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg8F0oAGpZiLYIamPsPgHk0tebQAUfeYgtndOuLtRl8NiiYe90Ex0nZi29ty6En3b1kCw7HaUOnF3F1dkHVQ8ME2sgsEdg

Request Chain 119

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 127

https://gcdn.2mdn.net/videoplayback/id/b561087e1a89ff4f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797315694/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6D54107C02F28C693188F6592BB9DD956D3DD08F.9F0F568AF7D378D27F88A20BF1E412B56880C7A3/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-aigl6ney.c.2mdn.net/videoplayback/id/b561087e1a89ff4f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797315694/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3FF6A2DDAC909C7AF41CA16D0074DF6725D011BF.1746436A470FD546688E81E6C7C8EA327A2D6306/key/cms1/cms_redirect/yes/mh/De/mip/2001:ac8:21:e::4/mm/42/mn/sn-aigl6ney/ms/onc/mt/1666181351/mv/m/mvi/2/pl/48/file/file.mp4

Request Chain 135

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP1wuSq1Cag9m6UZCbIkUQE&google_cver=1&google_push=AZmPxg-xS6FIFST4jb0cavkm4GXxg3igSX_jyJ518fB4w2kAfVjYwWR6o5hbhnFMnCA9sqLbg-BzT-kN7rq9zEZ3M1qHBqVUp3QUJOhNsvvvQZg91iuD6LGPS01x2UvAFCNBIraKpOdls-VXPD6kW2PufjQ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-xS6FIFST4jb0cavkm4GXxg3igSX_jyJ518fB4w2kAfVjYwWR6o5hbhnFMnCA9sqLbg-BzT-kN7rq9zEZ3M1qHBqVUp3QUJOhNsvvvQZg91iuD6LGPS01x2UvAFCNBIraKpOdls-VXPD6kW2PufjQ&google_hm=8E6KnS65l91itV3Gp_Bplg

Request Chain 136

https://d.agkn.com/pixel/2175/?google_gid=CAESEJugUE31MfpYnCo9yFePd68&google_cver=1&google_push=AZmPxg9S45ufw8ISinQ9b85p0drP-jirmPpgsjcnTrCBoHzvKKTMBMYys4l-05PWkc1GFjHjg9U7cIpLtQRUM2xGPzWj-sN_RW8s4oYykPGp7uKAmKPwWmATMgZvm89lC5noMKWLD49qrSvypbcZQXow5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9S45ufw8ISinQ9b85p0drP-jirmPpgsjcnTrCBoHzvKKTMBMYys4l-05PWkc1GFjHjg9U7cIpLtQRUM2xGPzWj-sN_RW8s4oYykPGp7uKAmKPwWmATMgZvm89lC5noMKWLD49qrSvypbcZQXow5w&google_hm=Q0FFU0VKdWdVRTMxTWZwWW5Dbzl5RmVQZDY4

Request Chain 141

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIsFfW24DEQNXO4YD5XRFaU&google_cver=1&google_push=AZmPxg_AekUlG0WfZUuJr7ZssV-_M2SFzzsSV6COS4lGuavzQKDkD9OChdgU4JmG6pL54RftjeBRDeqbLgv1p35TKgUUUsWXApEGqbuzdOUlfeShP8AM03IK21CP99xSqIfkBPvAD0iUvGPVDUGXGWnD2bs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JR0YtMVQtSVo5Vg==&google_push=AZmPxg_AekUlG0WfZUuJr7ZssV-_M2SFzzsSV6COS4lGuavzQKDkD9OChdgU4JmG6pL54RftjeBRDeqbLgv1p35TKgUUUsWXApEGqbuzdOUlfeShP8AM03IK21CP99xSqIfkBPvAD0iUvGPVDUGXGWnD2bs

Request Chain 166

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAn3s0917OzTGU9npaweoTY&google_cver=1&google_push=AZmPxg8WQyV-0qT18NGvO7iPEztuoM1xSxD7qJc8Xnit-WaAiHkaM98Pnu8l8FYsEx58GuXC3EHZFSLApelA5h5pa3tszP0f-AMWQUjXVGLVS0s5UPosPEjTVBlR3J12aBi_xCptiaUrBa8fgX-w4ZSxaqk HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8WQyV-0qT18NGvO7iPEztuoM1xSxD7qJc8Xnit-WaAiHkaM98Pnu8l8FYsEx58GuXC3EHZFSLApelA5h5pa3tszP0f-AMWQUjXVGLVS0s5UPosPEjTVBlR3J12aBi_xCptiaUrBa8fgX-w4ZSxaqk&google_hm=8E6KnS65l91itV3Gp_Bplg

Request Chain 170

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB-Eghzi2AEclsiuPuHeMiE&google_cver=1&google_push=AZmPxg9pI6KlsMIyHqnuSP-5RVHYbi-Rys6XqnsYBkOLp1t8flduhv4ntcn9sSC55kpLd9wN-IbL8IAI64GfzMbfaMYOIN-VM2ppwqS8LzrpPwc23ZWN3kvWEj3osclPwuUodv7BNszW8CXOFn-DX92D2KI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JVUYtSS1FMjhK&google_push=AZmPxg9pI6KlsMIyHqnuSP-5RVHYbi-Rys6XqnsYBkOLp1t8flduhv4ntcn9sSC55kpLd9wN-IbL8IAI64GfzMbfaMYOIN-VM2ppwqS8LzrpPwc23ZWN3kvWEj3osclPwuUodv7BNszW8CXOFn-DX92D2KI

Request Chain 171

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFYP1EoYbaOWlgQ7f5rXL4k&google_cver=1&google_push=AZmPxg9ng-tmdxnIjDxumd-co0tXuBHk2mVwMv2MCBdKujNdyacChiwM41I3j_bhK2QiArlOgHwMpgmu_c2eOfSgXUDYHu-BODB78ioVGiDiGd61mnX0pBvRvtVx_umj64zouJACFvZ5gwmavbb1e-7lhsw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFYP1EoYbaOWlgQ7f5rXL4k&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg9ng-tmdxnIjDxumd-co0tXuBHk2mVwMv2MCBdKujNdyacChiwM41I3j_bhK2QiArlOgHwMpgmu_c2eOfSgXUDYHu-BODB78ioVGiDiGd61mnX0pBvRvtVx_umj64zouJACFvZ5gwmavbb1e-7lhsw

Request Chain 174

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 176

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAAF8HxfsLWEEc7MTAHrFmE&google_cver=1&google_push=AZmPxg8jTrdQ2SIQYFaKUSPpxcPBwiHu7V9gqANXDxbvdEHefoj4TWvQC83LNGvWpUb54PZJ9PYBZ4229vBq3YcDOF0h9QmDtLR1 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8jTrdQ2SIQYFaKUSPpxcPBwiHu7V9gqANXDxbvdEHefoj4TWvQC83LNGvWpUb54PZJ9PYBZ4229vBq3YcDOF0h9QmDtLR1&google_hm=8E6KnS65l91itV3Gp_Bplg

Request Chain 177

https://d.agkn.com/pixel/2175/?google_gid=CAESEK9wECbFDlRRhzQb8U7ESvY&google_cver=1&google_push=AZmPxg_6p0RR3VG_jng4D5MDE5GvpoVFRmKLLiR3rRt-8M5bVr8laOFDwO0pTOv5nTiQv8L_iTgiv-NVl0xZOayG_pz8rsrF9AxM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_6p0RR3VG_jng4D5MDE5GvpoVFRmKLLiR3rRt-8M5bVr8laOFDwO0pTOv5nTiQv8L_iTgiv-NVl0xZOayG_pz8rsrF9AxM&google_hm=Q0FFU0VLOXdFQ2JGRGxSUmh6UWI4VTdFU3ZZ

Request Chain 178

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8iC4juze7__fgTqutTZA8EXhZuM_clumW_NtuNH33E97lJEUj5aEairwvoKaK9xd65kW-IPXL4H_Ol-hQEe1Ol0E8oxxa0&google_gid=CAESEB3FDCg6T09vJLGXS8zXLus&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8iC4juze7__fgTqutTZA8EXhZuM_clumW_NtuNH33E97lJEUj5aEairwvoKaK9xd65kW-IPXL4H_Ol-hQEe1Ol0E8oxxa0&google_gid=CAESEB3FDCg6T09vJLGXS8zXLus&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTkxMjE2NDMwMDA3NDcyMzI1MDk1NA%3D%3D&google_push=AZmPxg8iC4juze7__fgTqutTZA8EXhZuM_clumW_NtuNH33E97lJEUj5aEairwvoKaK9xd65kW-IPXL4H_Ol-hQEe1Ol0E8oxxa0

Request Chain 181

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM1B1jU0mbbUcim4qekTMsw&google_cver=1&google_push=AZmPxg-Lgxe5eUHIlk4Lyc119Y7sNp5z2grc_mTV8zta-Uk_nHsaOgF2Qm0ylulFV0UscvAUkC5kbrzQ2JHF6AX5OzMkYt2OB8VQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JWFEtMVMtRjVUUQ==&google_push=AZmPxg-Lgxe5eUHIlk4Lyc119Y7sNp5z2grc_mTV8zta-Uk_nHsaOgF2Qm0ylulFV0UscvAUkC5kbrzQ2JHF6AX5OzMkYt2OB8VQ

Request Chain 182

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEECwn7P-BlzAiyakLqpZJPU&google_cver=1&google_push=AZmPxg-_UyHmKHpemeyb_npsZ5mpy0qPQsYRE2K2MmrPiYGW-kLB8ZrZkiSH8zdR8hCjHU5R-CyZTqITMyKI2kwd22-g-uSI5Iiw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEECwn7P-BlzAiyakLqpZJPU&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg-_UyHmKHpemeyb_npsZ5mpy0qPQsYRE2K2MmrPiYGW-kLB8ZrZkiSH8zdR8hCjHU5R-CyZTqITMyKI2kwd22-g-uSI5Iiw

Request Chain 184

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

193 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
rebenok.cn.ua/
Redirect Chain

http://rebenok.cn.ua/
https://rebenok.cn.ua/

79 KB
13 KB

200ms
75ms

Document
text/html

161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://rebenok.cn.ua/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi859577.contaboserver.net

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

17268f5e6405d38e700f98a793b485b5f1f0491e354ee47039a948699f588c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Oct 2022 12:16:39 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 19 Oct 2022 12:16:39 GMT
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Wed, 19 Oct 2022 12:16:39 GMT
Location: https://rebenok.cn.ua/
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK index.css
rebenok.cn.ua/Themes/XenXen/css/ 57 KB
58 KB 38ms
38ms Stylesheet
text/css 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/Themes/XenXen/css/index.css?fin20
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b84416186149b3ef9558abea087b7008eaec498238f45e3b2d14cad16356a5b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Sat, 31 Oct 2020 17:17:53 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5f9d9c41-e4f3"
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58611
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK script.js Show response
rebenok.cn.ua/Themes/default/scripts/ 47 KB
47 KB 154ms
75ms Script
application/javascript 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/Themes/default/scripts/script.js?fin20
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2bab092657aceb2b6a17675569174d5bcc87c43fca0d0efb23b4203af6c3945b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Tue, 20 Apr 2021 19:13:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "607f27d2-bbc5"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48069
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK theme.js Show response
rebenok.cn.ua/Themes/XenXen/scripts/ 4 KB
4 KB 124ms
43ms Script
application/javascript 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/Themes/XenXen/scripts/theme.js?fin20
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0a73a6383375c850afc72c94d04c8b8dafe65f456407e424515656870d2660dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Tue, 11 Sep 2018 08:36:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5b977e74-e68"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3688
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK jquery-ui.css
rebenok.cn.ua/SPMod/jquery/themes/base/ 36 KB
36 KB 147ms
72ms Stylesheet
text/css 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/SPMod/jquery/themes/base/jquery-ui.css
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 142c8c366c2228c3b1ae753bd7f9f48072c998d887386b44bf924e5f39ac4522

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Thu, 22 Jun 2017 15:03:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "594bdc4d-8e53"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36435

GET
H/1.1 200
OK jquery.datetimepicker.css
rebenok.cn.ua/SPMod/datetimepicker/ 19 KB
19 KB 117ms
40ms Stylesheet
text/css 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/SPMod/datetimepicker/jquery.datetimepicker.css
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 488c4c5bf195ad39a6cb9f8d430ebd742ef5a6e5f1a78351d77ce5ab575e3a8d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Thu, 22 Jun 2017 15:03:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "594bdc4d-4a2b"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18987

GET
H2 200 jquery.bxslider.css
cdn.jsdelivr.net/bxslider/4.2.5/ 4 KB
2 KB 99ms
37ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bxslider/4.2.5/jquery.bxslider.css

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9cf8ad68766d8ed0b3012454d996591cd9b3b05049b6d501343825839500e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2953539
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19129-FRA, cache-cdg20777-CDG
server: cloudflare
etag: W/"1002-7d4RvoduMW39qIj6i9lvTS7RNLM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgRgnn3qDLv7i3CgpGfyLz0Rl3b8Uie4PHpZvB3bdejibgvWGbRgHxPVLpYyq1M826AJTG6E7a4wYgTNMu9q08RdURw%2F3zEjpS5kcx1kC4ZV08EJCiFX5tnwT%2BGvRppJhXQtQYOjg88nYZl3u3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 75c9723689fe76f0-LHR

GET
H/1.1 200
OK spmod.css
rebenok.cn.ua/Themes/default/css/ 2 KB
2 KB 117ms
39ms Stylesheet
text/css 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/Themes/default/css/spmod.css
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 58bd61c49adee9910a714d97d736fc92bbf3288e09a291314a3bade81902b980

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Thu, 22 Jun 2017 15:03:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "594bdc4d-6cf"
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1743
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
55 KB 155ms
67ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdb1cfd83bdb11c370d42ccc26aaadf0a95e202e314e8b24bcd2fa15adef7725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55325
x-xss-protection: 0
server: cafe
etag: 13360703697370759209
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK smflogo.png
rebenok.cn.ua/Themes/XenXen/images/ 125 KB
125 KB 72ms
39ms Image
image/png 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rebenok.cn.ua/Themes/XenXen/images/smflogo.png
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0088894a752ca483014f4a03719582b00d71784ce266c238394cac6aa129c559

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Fri, 14 Sep 2018 07:16:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5b9b6046-1f2e4"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 127716
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK collapse.gif
rebenok.cn.ua/Themes/XenXen/images/ 292 B
609 B 108ms
39ms Image
image/gif 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rebenok.cn.ua/Themes/XenXen/images/collapse.gif
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d7c1a29836ca2dd978e2f50a01de4c754f7e1a89d91a6148378e42d6e47d5a5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Tue, 11 Sep 2018 08:36:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5b977e74-124"
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 292
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK fader.js Show response
rebenok.cn.ua/Themes/default/scripts/ 7 KB
7 KB 37ms
37ms Script
application/javascript 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/Themes/default/scripts/fader.js
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 85e3ebe44bbd5ec1dfc6ea22929c10e06900262df42a65737c7d3fb884321b70

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Thu, 22 Jun 2017 14:51:54 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "594bd98a-1b58"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7000
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK vkusnyahi.png
rebenok.cn.ua/banner/ 1 KB
2 KB 37ms
37ms Image
image/png 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rebenok.cn.ua/banner/vkusnyahi.png
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3a380dc7d3470052b2fec0f324a6e24d14fb457809f707496dab0eb693480d7a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Sat, 05 Feb 2022 16:22:47 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61fea457-5f9"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1529
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK jquery.js Show response
rebenok.cn.ua/SPMod/jquery/external/jquery/ 276 KB
277 KB 37ms
37ms Script
application/javascript 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/SPMod/jquery/external/jquery/jquery.js
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f5e849f11b1f3d348b4f504b570ab268f89e735079d46330a80f4df498b96be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Thu, 22 Jun 2017 15:03:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "594bdc4d-4516c"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 282988

GET
H/1.1 200
OK widget.js Show response
rebenok.cn.ua/SPMod/jquery/ui/ 16 KB
16 KB 38ms
37ms Script
application/javascript 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/SPMod/jquery/ui/widget.js
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8ea52ec4feb51c8e0d96f679d0cb6039b81db8d841456f06db7d79d4f98174d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Thu, 22 Jun 2017 15:03:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "594bdc4d-3e6f"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15983

GET
H/1.1 200
OK datepicker.js Show response
rebenok.cn.ua/SPMod/jquery/ui/ 78 KB
78 KB 77ms
76ms Script
application/javascript 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/SPMod/jquery/ui/datepicker.js
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0c580c1a28b84e38decb465c5cd7824b7cefb378d21ee9678aa97872bfb57823

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Thu, 22 Jun 2017 15:03:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "594bdc4d-1377f"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79743

GET
H/1.1 404
Not Found datepicker.ukrainian-utf8.js
rebenok.cn.ua/SPMod/jquery/ui/i18n/ 0
0 39ms
37ms Script
text/html 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/SPMod/jquery/ui/i18n/datepicker.ukrainian-utf8.js
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK jquery.datetimepicker.full.js Show response
rebenok.cn.ua/SPMod/datetimepicker/build/ 115 KB
115 KB 78ms
76ms Script
application/javascript 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/SPMod/datetimepicker/build/jquery.datetimepicker.full.js
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fccb5ef295539d1c7d5ad4dd4a716d55d44d54221a06bdf44a93935004a00822

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Thu, 22 Jun 2017 15:03:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "594bdc4d-1cc85"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117893

GET
H/1.1 200
OK zoomsl-3.0.min.js Show response
rebenok.cn.ua/Themes/default/scripts/ 28 KB
28 KB 77ms
75ms Script
application/javascript 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/Themes/default/scripts/zoomsl-3.0.min.js
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5e46a7daf45145bd03f13fe4a1bda5276b68a3993f58a62eafff42b716c950da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Thu, 22 Jun 2017 15:03:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "594bdc4d-704d"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28749
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK spmod.min.js Show response
rebenok.cn.ua/Themes/default/scripts/ 2 KB
2 KB 38ms
37ms Script
application/javascript 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://rebenok.cn.ua/Themes/default/scripts/spmod.min.js
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 526559b44c14ea86c767c68f2a043b5083a76dfadeab9e3cbde40e16388e3c60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Thu, 22 Jun 2017 15:03:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "594bdc4d-6a8"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1704
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H2 200 jquery.bxslider.min.js Show response
cdn.jsdelivr.net/bxslider/4.2.5/ 23 KB
7 KB 42ms
40ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bxslider/4.2.5/jquery.bxslider.min.js

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fe91e5030d56d2c3eb23a58dec4ec8b52db809e3ca9ee40bebfc83aae730551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 6131
age: 18323501
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA, cache-lcy19248-LCY
server: cloudflare
etag: W/"5c4f-HqQ9wsi6cjN7dsaMVMCoVMMc/7A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BOC%2B6H%2BxZnQfsY35gJMhmcFjyNbv4C899Psx%2Btakr6SIa9tQym9dJVF2TE4lel72LjkiC7cI5qoKcMIrm3IBCw8XWMJBBmqZx0C11QCCHsEtvIn%2FAqnDmRnrCPOcEqbqA1zlECt27EIgP%2FtJEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 75c972376b8976f0-LHR

GET
H/1.1 200
OK forumtitle.png
rebenok.cn.ua/Themes/XenXen/images/ 3 KB
4 KB 112ms
39ms Image
image/png 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rebenok.cn.ua/Themes/XenXen/images/forumtitle.png
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/Themes/XenXen/css/index.css?fin20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 632f482436667240c92653fabf2dc850d7e2febeba8334301144585acd699ff0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/Themes/XenXen/css/index.css?fin20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Fri, 14 Sep 2018 12:40:59 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5b9bac5b-d94"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3476
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK generic_icons.png
rebenok.cn.ua/Themes/XenXen/images/ 45 KB
45 KB 111ms
38ms Image
image/png 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rebenok.cn.ua/Themes/XenXen/images/generic_icons.png
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/Themes/XenXen/css/index.css?fin20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6590dc0cf0a80c482672468c636d18ae9a511aa9a4e073505466a7acc9ee2497

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/Themes/XenXen/css/index.css?fin20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Tue, 11 Sep 2018 08:36:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5b977e74-b2aa"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45738
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK spmod_icon.png
rebenok.cn.ua/Themes/default/images/ 406 B
723 B 71ms
42ms Image
image/png 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rebenok.cn.ua/Themes/default/images/spmod_icon.png
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/Themes/default/css/spmod.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6d63786c7f25d1b3275a6745d2fae241f66b8eb0b2d638b55e8abc0c9b62813f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/Themes/default/css/spmod.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Thu, 22 Jun 2017 15:03:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "594bdc4d-196"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 406
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK expand.gif
rebenok.cn.ua/Themes/XenXen/images/ 303 B
620 B 37ms
37ms Image
image/gif 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rebenok.cn.ua/Themes/XenXen/images/expand.gif
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0bd908397b2652c7c11fe8919669cb75003e6477d1ccc76933ff099811b0b64f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Tue, 11 Sep 2018 08:36:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5b977e74-12f"
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 303
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H/1.1 200
OK boardicons.png
rebenok.cn.ua/Themes/XenXen/images/ 7 KB
7 KB 104ms
36ms Image
image/png 161.97.175.26
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rebenok.cn.ua/Themes/XenXen/images/boardicons.png
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/Themes/XenXen/css/index.css?fin20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.97.175.26 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi859577.contaboserver.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: db3b814330e7ea0ae12492547f73ab17f9e56a0c67bca65cb5bca150575052bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/Themes/XenXen/css/index.css?fin20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:39 GMT
Last-Modified: Wed, 12 Sep 2018 13:46:09 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5b9918a1-1c1e"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7198
Expires: Thu, 20 Oct 2022 12:16:39 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 178ms
25ms Script
text/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rebenok.cn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 10:50:52 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5147
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 19 Oct 2022 12:50:52 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ 353 KB
116 KB 187ms
95ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3679149649306168&plah=rebenok.cn.ua&bust=31070415

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caa14372dafc50e3de942d479a38eaf1006c64a02726d3a3add9ebbf6164f8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118763
x-xss-protection: 0
server: cafe
etag: 11944603986615967497
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 12:16:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221017/r20190131/ Frame 0E68 10 KB
5 KB 171ms
39ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221017/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rebenok.cn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 13092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:38:27 GMT
etag: 9671129459699598864
expires: Wed, 02 Nov 2022 08:38:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 154ms
70ms Image
image/gif 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1389622004&utmhn=rebenok.cn.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A7%D0%B5%D1%80%D0%BD%D1%96%D0%B3%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%20%D0%BF%D1%80%D0%BE%20%D0%B4%D1%96%D1%82%D0%B5%D0%B9%20-%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%D0%B0&utmhid=1241293373&utmr=-&utmp=%2F&utmht=1666181799937&utmac=UA-12549923-1&utmcc=__utma%3D205853712.1065341134.1666181800.1666181800.1666181800.1%3B%2B__utmz%3D205853712.1666181800.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1633285430&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
699 B 186ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rebenok.cn.ua&callback=_gfp_s_&client=ca-pub-3679149649306168&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3679149649306168&plah=rebenok.cn.ua&bust=31070415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

913cbadf1e8f1cc7876ebe6b7071d40654e7b68769c4610a3450e2d9d0606742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 403ms
50ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=rebenok.cn.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 178ms
48ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rebenok.cn.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A02 124 KB
32 KB 449ms
347ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&adk=1812271804&adf=3025194257&lmt=1666181799&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frebenok.cn.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181799798&bpp=8&bdt=429&idt=339&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2552228943737&frm=20&pv=2&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=396

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8d3c39eab11bf361aa85ec71600be574ab97690e3d5cbffa35a9ddbfecfe07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rebenok.cn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32293
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:40 GMT
expires: Wed, 19 Oct 2022 12:16:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EF3A 111 KB
34 KB 763ms
673ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=280&adk=4144480424&adf=3594046531&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=1200x280&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181799806&bpp=3&bdt=437&idt=399&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofUOYT87Bm&p=https%3A//rebenok.cn.ua&dtd=406

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b122f36e9c83c60fb0e81b89e37352266fd66635b2a02fbf42ca1c51e396d9ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rebenok.cn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35229
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:40 GMT
expires: Wed, 19 Oct 2022 12:16:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ 151 KB
54 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/reactive_library_fy2021.js?bust=31070415

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b2f1d3301f41dea191a858b3e56d652cc68f36d20cdbe25fbbbf794d354a912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55066
x-xss-protection: 0
server: cafe
etag: 15434022834474212348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 12:16:40 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 133ms
51ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=rebenok.cn.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 136ms
51ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rebenok.cn.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A7EA 34 KB
14 KB 444ms
443ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae993c7be2516456e989926937888479b5b0d66020bdfe9cfb8afadc988bb4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rebenok.cn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13847
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:41 GMT
expires: Wed, 19 Oct 2022 12:16:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A3C8 120 KB
45 KB 451ms
451ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=83&adk=1704753671&adf=4039964389&pi=t.aa~a.2099106092~rp.4&w=1126&lmt=1666181799&nsk=c76d1a55&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x83&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=2&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600&nras=4&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n8lCS3QYxI&p=https%3A//rebenok.cn.ua&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7ec3677504de2e8315255c02a8770bbe5739ef02206b487556ff168a2f75ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rebenok.cn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46084
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:41 GMT
expires: Wed, 19 Oct 2022 12:16:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 01E3 92 KB
35 KB 516ms
516ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=1642762165&adf=2692237670&pi=t.aa~a.3594524556~rp.4&w=1126&lmt=1666181799&nsk=4586be61&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83&nras=5&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6vgF0mfwS9&p=https%3A//rebenok.cn.ua&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6e561422e0b6bb9f0a0c781534d979d4321a9236f4de00646789806f2adba95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rebenok.cn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35492
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:41 GMT
expires: Wed, 19 Oct 2022 12:16:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C55C 120 KB
45 KB 414ms
414ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=998214637&adf=3494539017&pi=t.aa~a.69130693~rp.4&w=1126&lmt=1666181799&nsk=83503ade&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=0&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83%2C1126x80&nras=6&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=3469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=C986kInsZ4&p=https%3A//rebenok.cn.ua&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6da7d5a78a8fc1e979cde4f15eaf22e8c2350652a809201643e05aa709bc56b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rebenok.cn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45761
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:41 GMT
expires: Wed, 19 Oct 2022 12:16:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/ Frame C1E0 10 KB
4 KB 48ms
44ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rebenok.cn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 13090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:38:30 GMT
etag: 9671129459699598864
expires: Wed, 02 Nov 2022 08:38:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame C1E0 4 KB
1 KB 143ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 12:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 11:48:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 12:16:40 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/ Frame C1E0 19 KB
9 KB 134ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:48:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8235
x-xss-protection: 0
server: cafe
etag: 7715946797152839796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:48:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EF3A 8 KB
991 B 57ms
53ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=280&adk=4144480424&adf=3594046531&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=1200x280&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181799806&bpp=3&bdt=437&idt=399&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofUOYT87Bm&p=https%3A//rebenok.cn.ua&dtd=406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 12:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 11:15:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 12:16:41 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame EF3A 2 KB
984 B 49ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EF3A 0
0 97ms
88ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmzhFqOpPY-auGKq4j-8PzYaRkAPQ0tj-bLmm5NKiEJOkstHrARABIPnG1xdgu4aAgNAKoAHT_PbVA8gBCakCQcQk3Mt_sD6oAwHIA8sEqgTlAU_QUT_ZyeeLDyADHVr_Tdo7TQIFatnRvY_fhPnMUfcI-hm2g0P1nTdwlW2Jr7ekm3TcAJueCVPt3Ld3SBpB-vk80OCbajbY6-Q3pqvRA-ZmZ68vuo3M5GZADKYWOd9q1TYgZ0QqW3rTbQQJw33coH70LzD9gO6xgeVELfYv5fS2-DEslGE0lfCwV3zscwbE3UA7VnGCRTLCcPkdqpddbWst7f5Uh2V0wrXPZH6eiDY9bPUoHBk65KLQgI6awnQXcsT2R5cYFnMi9Fo1rQ-M2Ij562M-k1CNxF_e3ps84fXWimkBznfABK-Xl6iNBJIFBAgEGAGSBQQIBRgEoAYugAein-rIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOaRA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBmAzZuf2LkAS4E4ME2BMO0BUBgBcBshccChoIABIUcHViLTM2NzkxNDk2NDkzMDYxNjgYAA&sigh=StvHKGE8lDA&uach_m=[UACH]&cid=CAQSGwDq26N9LJax61WIOOtYuO6DYKu-nP4ulaxckRgBIA4&template_id=515

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=280&adk=4144480424&adf=3594046531&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=1200x280&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181799806&bpp=3&bdt=437&idt=399&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofUOYT87Bm&p=https%3A//rebenok.cn.ua&dtd=406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 12:16:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Oct 2022 12:16:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame EF3A 23 KB
9 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame EF3A 3 KB
1 KB 163ms
73ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 07:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 07:54:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame EF3A 17 KB
7 KB 140ms
50ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF3A 152 KB
47 KB 1119ms
1112ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 12:16:42 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame EF3A 33 KB
14 KB 142ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H2 400 data=nw5MuEGD2PrYAVNO0BesBIVHSJ_9We_m3KTuvwn7g3pbl9zinOH503-pbChty0U-yHLV3RFLsDvAaIyWU_yosAmIVo83sTkNjCxI1IM3G36mQ3n108t9M_cce2xXkck
mts0.google.com/vt/ Frame EF3A 0
0 151ms
49ms Image
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=nw5MuEGD2PrYAVNO0BesBIVHSJ_9We_m3KTuvwn7g3pbl9zinOH503-pbChty0U-yHLV3RFLsDvAaIyWU_yosAmIVo83sTkNjCxI1IM3G36mQ3n108t9M_cce2xXkck
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=280&adk=4144480424&adf=3594046531&pi=t.aa~a.1361838460~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=1200x280&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181799806&bpp=3&bdt=437&idt=399&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofUOYT87Bm&p=https%3A//rebenok.cn.ua&dtd=406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame EF3A 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EF3A 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame 8CCA 23 KB
9 KB 99ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8CCA 8 KB
716 B 137ms
51ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 12:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 12:08:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 12:16:41 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 8CCA 14 KB
3 KB 240ms
145ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:41 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 8CCA 359 KB
125 KB 134ms
40ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127092
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 8CCA 17 KB
7 KB 114ms
59ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C55C 6 KB
672 B 61ms
60ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=998214637&adf=3494539017&pi=t.aa~a.69130693~rp.4&w=1126&lmt=1666181799&nsk=83503ade&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=0&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83%2C1126x80&nras=6&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=3469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=C986kInsZ4&p=https%3A//rebenok.cn.ua&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 12:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 12:16:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 12:16:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C55C 6 KB
672 B 53ms
52ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 12:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 12:16:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 12:16:41 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame C55C 35 KB
14 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

889c56bf96166be6d1ae299043a888c9b2dd883954a18bff255a5b63e3650d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14238
x-xss-protection: 0
server: cafe
etag: 33620748111453228
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:58:29 GMT

GET
DATA 200
OK truncated
/ Frame EF3A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a328ad484228ab0cb2f09effe91fa90fb4918a8113b06c9507cba244211e7a0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C55C 152 KB
46 KB 958ms
956ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 12:16:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame C55C 23 KB
9 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame C55C 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 07:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 07:54:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame C55C 17 KB
7 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C55C 0
0 94ms
48ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnak9V527G09VB7qSIv713A_Z11o16J53fIfNd2kFdwCfQ1QO8sYXpo1tfIhIqtYoU81S0hECugbyeFE6R1JegqUzx9g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=998214637&adf=3494539017&pi=t.aa~a.69130693~rp.4&w=1126&lmt=1666181799&nsk=83503ade&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=0&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83%2C1126x80&nras=6&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=3469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=C986kInsZ4&p=https%3A//rebenok.cn.ua&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 305E 624 B
297 B 53ms
52ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhjt5IrOATAB&v=APEucNW1dU-AjJgekCCWcKixDTTi3o_I0yY14VOus0JnPcrLwPflryA5uvobUChibPnDvtVrlD0VpyMi5fIBAXbig9y1mJ9B3xC7RRr0Erkfe_1pL012zFvXTBjlnFymgED7v-baxL9CGud_qxHlrnVCNtSZeBkmMZGdJsp_LH2Uqc2q586QJLM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 03A5 15 KB
11 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxhVYvPmLvTx24RtK1AsHnlt35KeWY4UjKptWzSZQMH7UNDurzpnGK7C1mmGSTJbsC1_mVU8mE1tt_7WK7vrKrH4uRTWXpl8lKtLPuXBVmc1LBONeqZfsXM_EGEyOM3S8Zm1JQrB0kVTEe6QygVk4O_T4SrLssPht_6zwnAguahvlBHo0&cry=1&dbm_d=AKAmf-BppE0uBcv3bgdL7IQOV6WVDFckELrRe4mVrewie5N6mCO6ChgaXB41XiOq_9nVsfH7xUNsHXK9W0tcxdO4OqKi3NL2PcS6zocF5kBbomTZ01eY0IB6ddZtcfXBwRDLSd31rj004_gcQmnDwnS8DtN6QlhH8kdIurvAGtrrThgQ5XUe0BqygliriOu942BGlCy64AMA5-BtAZ0XI5udDDzDXtdFM4eyAuTXOS-ydPK3TkbYtSNPzd5MnpYzGNl7CEtx0tk3LTiHApdINvMCAmZcnQAEWWAI7bIiH6y7oj-xTU7dZMmne9yNvfjmxZcaaNuN0BPhpngZtYV3exqT9LoIE_O1BvmSb06KNkKUZdaVbfMjfGv30xgoaptqWuWY5fIn48cOj0SX3Ta2YvgvW5Gqrt5NCIDT2ff_yzq1YC_PEtaZszCNprTPgN6tCnpNsebhl_W5VLAD1Z_ax0K0UAW526Lk0tftsJylUibzgGQCYdj__f5Nrbw1CN5Esv15RyA84bAsr7M_aGYWK7BZ9yn2rNCArO2KUO2nG2KNh2n4crfpYzdGFMeZhaSQmsMOo0YrazkKuhBtbisQJ7loraqJBWl38aQx0wjQr19Ht3HpUvyUJjVajeL8tuUf6WR5hIzH9-8SYrE7R1Ie-Z2johT9cJzyEmkaT2gZ5DE4bwSXiVGHizTqiAKEUn81vVb8v-SEWI4_IhUY7q8BaY7XCR4M7wpiIZV6jvhvVLSCpHy3DN6H8i7wBSX9IpkXj-NsdyzIR7Vh151Rp1ZOHskqzD3EI86Xz0UCqHe1xdx0zuRvJ3iFlKuxlaaG3ZbbU5iaKFxv8AcyibHPjw98swFMDRuSTGv08KNcTvtwDpgQgip9UWYRLS1o_UFPOg1pAuuRJ_ONKrcndNzEyRdxspvrHznAML18dpV_q4pvmIbSQwtJnicxAzvDB2XEb9TrNpU1vMHRoaZDKAL0CpgN11OXRWybpUU_1SPMF7ew48jc0J4vPxkhQy1YL3b3cEGixPoMW3hx2Tx6wqhcuZISEXPUMh3Lpw3vgq7R5xL2hXQg3Px8uc9_ETW7F9kDR6d4M596T03cY3ERLFjB5cZSSOW7pMNIwcEhI9K6_9u_AOnBJTrZUYYI77Wb3AIregwUfnivPdQDgt19pGlqPCDzGeE1_56jstTG3P7IMrjSgmElQSd2K836lbgmYQnt8rjjJsu-E9sdjn_8eu-YVXgCKA3pKfZ9BOHkTMFCfV6WEPgae6MFeZFaKjz9nxO5Sth9ALv0Z39jlHm7YXYqdNZS_9W5-ARPffFskabf0Xhf2NAe3LSxQBThHZDgLdNp0ZtlSDyaEmaexnjFx9AdcJWASwautsePIJOFU69Lw3rlKnRJpQeAbGcI1tjy_jQos6aiucxQUuxdbZkZtU4U-Wtg5hQ6YunZDyLeMuYEoqOsdCHY8Ngp2hkRSytg_ORiH76s6b3ZxvBJHsUtWR5qC6rpiifZQaMXdpZF5wdmZIbMi4jJa7DoJt_pgCsPxtbK5NsEQpFZAlZyfBt5yquu6yi_z8Tcx6ujJjDIMzlninusOHWUWK6AVkeUfVK_Pm7SduLMBKri0log4FKQ1RuChF-J-cYFzWdJz2mlgkEOXXD6ldLKpAp9ASELg30DNfiHedX0ZTFSqDExlFioXLijXh8l8M_Vfn2v7jUmjghHIRt8V9O8qKSL9Z5jfV-0yjK0WIAaMk7g18dvpWC1A4CsoitK3pwh5S-lH9xriW5qEGuVnMT2bKSzOUWCp9tHTFPuz0qK4orTyVEPgXr_8rLFqOOpzyGkonPYwip6V8tmY-Fvey1ySe_OgbN1pTsviooz9ISpu0JYuqwjbpak231VweVVsMv1Drt2dGTTJlGwwZvGKoLzzCk52IOj4Gm8yixLZcQvzFUgbJc2tplIKAAEQjHgCDeFzr-Vuqwq9XcNIwDbpE5HVvWmfgv4WaOcFDrmpvHjJF5mOzKtqwOV2PiRJJx8qkzLOL5J_ySLrgg0A9AGIoQr7pSb7x7VDWYriKqB3tEYkvrgfw_bMycg8oqPS7AARhZVXtJM5wb-IlwR8IaHbk09X2vcLHJqafwpxR0cJkP_1lOmSE4gZYuWKluby47FdSQO0GPsJNfkvGEABHUie4VPv8ZfZIAkNfC7NT5_ttsIE4tCbfOQV2GpD8tg6-EIBlpdWAmJP8xptJRidXAbv-Ghqa688ztEPFDoy2AvZ1nJn-6Go5N4nhTFY6hY7O_SLn7gAUjfVzRdfrCnGKQlV7VQ8Ba3YzYEAfsZNK0izJYSjGvw0QwBbKb49GoahKyOtl3fjb4vdD0BYHGmhlUinXLQZPLqoXGazexNxkRCdlU4bqLex1mcZeKHZOCaZRjPk9drJGpLfB17bYnJ47ulVSroldcA8rgl_8T6R49wEr9x3Mj-6kxrfApMvnIfm6HnKejmm9LI5uuoZ74U7UbEYLkWN7yW9gLpAQKOqA-MSdpfn03WmMtJ2xL_lS1Y08MO-I4F7G69Hc2OjlE-zIx7Pfmp-9Eieus01LgS0LRuIRfpZtZEo42Axqv5T6Y58lc1Zi6vNl2pdpkia3aGn5_jPtSKXInu8shuaVWPnJexbhiPRC64fyds7GPE2B3P_t_EOrZqdkGyEqxs36kcLBulCznMhTck94tF71oVylCZXzKk7fIU3eKk4Myltm2UPD7gV4P5dpeEjWZqW7A7EsxYeN8u-FPHRfhYnITx9_z6o7EoQJnp6RRFsILp8YguckNdAN6oDEGctjkNQsDKgIQzFXhhQ_kwJX1gL16Hi0m5Ej-v5_hawoYX_X5escj4tOe9DXamHY7NFJbtuf3OkF-WfzURbRx09iz3iwvw7tIikfD-ubv8RQtZLWe8TWjLefwXLNfmcPlJ1ofXiqnvRMV66AEZ-uefrjCJpq4&cid=CAQSPADq26N9bzLD6XjvtVUCiU4fmqZFcXDhOdWW7TuUz3C3n2JwICuMo21Q9oczwXoqpBFVNkm6FWfZTcMAvRgBIA4&rfl=2%2Chttps%253A%252F%252Frebenok.cn.ua%252F%240

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99cd3d9ba61c90aa7c2b58a7de4c1a514fb848854f165669051ecae99dde18b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 03A5 2 KB
1 KB 294ms
43ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=28085862&plc=339901543&sid=5549275&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0hmExBNvHPfJSE7wkCnNtu7&c1=4845432&auorder=1006889571&aucmp=17047376584&aucrtv=432190061&auxch=1&pltfrm=1&ausite=20305045059&turl=https://rebenok.cn.ua/&aubndl=&dvregion=0&unit=160x600
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:19:47 GMT
Server: Microsoft-IIS/10.0
ETag: "f128ce2aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 03A5 8 KB
4 KB 293ms
43ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 15:59:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fc3bc740ccd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 03A5 3 KB
1 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 07:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 07:54:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 03A5 17 KB
7 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 03A5 0
0 136ms
48ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMeEDd0NLA1p6PXTbGlSLuihrhbzzTl84NQikoAywUNZR4i6bkDFh6k6evFYMyGCYqLsJvFH6fPyfhraupfFoQYgJaJQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 03A5 152 KB
46 KB 954ms
952ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 12:16:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 03A5 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dy_aaRaWeMPR27QWikhVqiSl-nzWOLniYrH_710AZGKf4dD28BNmRGwA_cSu4iHCDjuSRPmDJacg42-L6lKHl3ZYsE1fnWQVMXtC_pIBJuufbTn7M

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A3C8 6 KB
672 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=83&adk=1704753671&adf=4039964389&pi=t.aa~a.2099106092~rp.4&w=1126&lmt=1666181799&nsk=c76d1a55&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x83&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=2&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600&nras=4&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n8lCS3QYxI&p=https%3A//rebenok.cn.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 12:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 12:06:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 12:16:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A3C8 6 KB
672 B 52ms
52ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 12:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 12:16:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 12:16:41 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame A3C8 35 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

889c56bf96166be6d1ae299043a888c9b2dd883954a18bff255a5b63e3650d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14238
x-xss-protection: 0
server: cafe
etag: 33620748111453228
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:58:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3C8 152 KB
46 KB 907ms
906ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 12:16:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame A3C8 23 KB
9 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame A3C8 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 07:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 07:54:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame A3C8 17 KB
7 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A3C8 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeOXm9JxrPSfpWZRVEWa15MCOrdeBRMy6AKQ63xQu9nsjTCXNsbPlhhF6owFdmnedU9vdHFcBJ94qD6GumFd_Pn-MSLw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=83&adk=1704753671&adf=4039964389&pi=t.aa~a.2099106092~rp.4&w=1126&lmt=1666181799&nsk=c76d1a55&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x83&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=2&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600&nras=4&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n8lCS3QYxI&p=https%3A//rebenok.cn.ua&dtd=20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7349084450606528280/ Frame C55C 1 KB
1 KB 134ms
133ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7349084450606528280/downsize_200k_v1?sqp=4sqPyQSSAUKPAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhYILBAsGAEgAS0AAAA_MCw4LEUAAIA_&rs=AOga4qmALnPxyjX5HyYePwk7xwN1iY46pg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b99a3d30429a1a9c5f14933ab6fe42c32d9510dae0312113334a5d21ccb50b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:41 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1458
x-xss-protection: 0
last-modified: Wed, 22 Jul 2020 14:58:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Oct 2023 12:16:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C55C 0
0 87ms
86ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7t_2qOpPY8avNfu57gKyg6jQBtbG_dZbrcet5c0PwYTA_PoBEAEg-cbXF2C7hoCA0AqgAczw6tECyAEGqQIqmNUYdvmyPqgDAcgDywSqBPMBT9BVdIw-Mznjt2HUA2gujZ5Ed7vIINip2GESIM_zjVIu5DwiIoFKGTHr4hDSeLw6qGciOAaBqBbEE8l_3H4UUKqeVbW7Xv1c5XKKqYvdtv5Gj3PSvbO77scua2PufljYsFyRIGYTHLEQiM71ThlyzVdXTD8VpnNZI2xVJWbJ2-TSiBjfiWoyXG8dzmsAWrrL8lv_VVW2yqRPJz8YtR49Zo1rySiaFCaRaMi4YnNfamq7jS2zCcHOCSblD-vCARAEYxeIdNQ07_26hgPBatYYhxQlKCBZ5HyQAJHm-irwtMhSETCu3UoFmr7VavDqp5zH5dZqwASHqvaysgKSBQQIBBgBkgUECAUYBKAGN4AHnI-VrgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDSqQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zNjc5MTQ5NjQ5MzA2MTY4GAA&sigh=YtjXTPpkyPk&uach_m=[UACH]&cid=CAQSPADq26N9T7YXBxsai15xqFXQ9YWaGKB_RJGKE9c-R3VvG9E4X_j69o_R_k2LQIfCzNBHuz1iFo-hDj4a6xgBIA4&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=998214637&adf=3494539017&pi=t.aa~a.69130693~rp.4&w=1126&lmt=1666181799&nsk=83503ade&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=0&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83%2C1126x80&nras=6&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=3469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=C986kInsZ4&p=https%3A//rebenok.cn.ua&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 12:16:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C55C 10 KB
10 KB 129ms
41ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 12:55:48 GMT
x-content-type-options: nosniff
age: 170453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:55:48 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 305E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_3Uf4GtRSUt0ksG2ApIOw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_3Uf4GtRSUt0ksG2ApIOw&google_cver=1&C=1

43 B
766 B

80ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_3Uf4GtRSUt0ksG2ApIOw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhjt5IrOATAB&v=APEucNW1dU-AjJgekCCWcKixDTTi3o_I0yY14VOus0JnPcrLwPflryA5uvobUChibPnDvtVrlD0VpyMi5fIBAXbig9y1mJ9B3xC7RRr0Erkfe_1pL012zFvXTBjlnFymgED7v-baxL9CGud_qxHlrnVCNtSZeBkmMZGdJsp_LH2Uqc2q586QJLM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 12:16:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 12:16:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEB_3Uf4GtRSUt0ksG2ApIOw&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 305E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0-qqV.fWn8Ni9--9XqxmwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_3Uf4GtRSUt0ksG2ApIOw&google_cver=1&google_hm=2

43 B
766 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_3Uf4GtRSUt0ksG2ApIOw&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhjt5IrOATAB&v=APEucNW1dU-AjJgekCCWcKixDTTi3o_I0yY14VOus0JnPcrLwPflryA5uvobUChibPnDvtVrlD0VpyMi5fIBAXbig9y1mJ9B3xC7RRr0Erkfe_1pL012zFvXTBjlnFymgED7v-baxL9CGud_qxHlrnVCNtSZeBkmMZGdJsp_LH2Uqc2q586QJLM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 12:16:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_3Uf4GtRSUt0ksG2ApIOw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 305E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN15GiVXt32Ae7Vv4XAK63Q&google_cver=1

43 B
1017 B

36ms
35ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN15GiVXt32Ae7Vv4XAK63Q&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhjt5IrOATAB&v=APEucNW1dU-AjJgekCCWcKixDTTi3o_I0yY14VOus0JnPcrLwPflryA5uvobUChibPnDvtVrlD0VpyMi5fIBAXbig9y1mJ9B3xC7RRr0Erkfe_1pL012zFvXTBjlnFymgED7v-baxL9CGud_qxHlrnVCNtSZeBkmMZGdJsp_LH2Uqc2q586QJLM

Protocol

HTTP/1.1

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 12:16:41 GMT
AN-X-Request-Uuid: 4bacb781-5296-4111-87ca-01a95b779616
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN15GiVXt32Ae7Vv4XAK63Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 305E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE4MTQ5NDI5OTAzNzcwNDc3

170 B
188 B

86ms
62ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE4MTQ5NDI5OTAzNzcwNDc3

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 12:16:41 GMT
AN-X-Request-Uuid: df58d4c3-6fbb-4aaf-b7f3-8d8bd8b87c15
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE4MTQ5NDI5OTAzNzcwNDc3
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8CCA 0
327 B 474ms
155ms Ping
image/gif 2607:f8b0:400e:c0a::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9flmhxt&c=6210845667863&slotId=3105422833931.5&qqid=CJmN3fKi7PoCFZPs7QodVjEEPQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400e:c0a::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CCA 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CTQiMqOpPY5mZFZPZtwfW4pDoA6Gix8ZrlZzHkq4Q8C4QASD5xtcXYLuGgIDQCqAB-4zizyjIAQWpAu5zIPPx57I-qAMByAObBKoEiQJP0ELthkgsXs15P4VG7pw48y5HR4-TTb34V4uPtp6AmT11_tZ8eHN4E_D9qxczICZefMRjGeRQV3lYk3tpPSVvCsKSmi709QJj6Rmqk37KHkwYIXSR3b-SPWtrx7P8gwFlnfDP9CB-2ynTKF_BQ84COdKF8cyO-RnB5eilkNhap1R5QmG_v2GxNZeuOhThGBOYUQRp7d4RrZm9RCUp4S4VYrisMOskcNSJApw83YaQEMUfMUy8qyxfZnhxP2-dbT9fwLmKQvrog8_NYeqQRbte1QUsix6s8Ljrx21VYlAe5HVOOKcq8g6WZFa3MA7Jf-Chk5ZjMqMwcC4LhYBdX1aEUPCEG6uVijycwAS8mJ2YiATgBAOQBgGgBnmAB_vEsq8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBOt5dsQ0BMA2BMNiBQJ2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1666181801303&ai=CTQiMqOpPY5mZFZPZtwfW4pDoA6Gix8ZrlZzHkq4Q8C4QASD5xtcXYLuGgIDQCqAB-4zizyjIAQWpAu5zIPPx57I-qAMByAObBKoEiQJP0ELthkgsXs15P4VG7pw48y5HR4-TTb34V4uPtp6AmT11_tZ8eHN4E_D9qxczICZefMRjGeRQV3lYk3tpPSVvCsKSmi709QJj6Rmqk37KHkwYIXSR3b-SPWtrx7P8gwFlnfDP9CB-2ynTKF_BQ84COdKF8cyO-RnB5eilkNhap1R5QmG_v2GxNZeuOhThGBOYUQRp7d4RrZm9RCUp4S4VYrisMOskcNSJApw83YaQEMUfMUy8qyxfZnhxP2-dbT9fwLmKQvrog8_NYeqQRbte1QUsix6s8Ljrx21VYlAe5HVOOKcq8g6WZFa3MA7Jf-Chk5ZjMqMwcC4LhYBdX1aEUPCEG6uVijycwAS8mJ2YiATgBAOQBgGgBnmAB_vEsq8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBOt5dsQ0BMA2BMNiBQJ2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 8CCA 22 KB
15 KB 159ms
76ms XHR
text/xml 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Atqf8jqNN6nqDqsiRVNIL8Qv4If1LHzCNooqdslgKt-ETM1N9ru8AbdY0a7298km52pDVEJ_7BnNmQg8hyCxeOia8S5Q&cry=1&dbm_d=AKAmf-D8tD8_9JDin2I4mPUmKF8_9oWLhJVjKlPU2qPtJduJVPga-sP0rpEhLpzKIWCLsnaorPr5G9Vyead1eOn3uYnF39arH7kbIP9pOctShi_b2yxCDFjLVOQlveD4JcwZiucU3jMzy5fLo9JFt_ITVFdkA4gEfeOr46YQhTWh3LVK5Y5B5LJdzI6STqvKENyjhG5vVQg2zrpVNRW97LxyfF5W-DShdcWXGfybNe53TdwntwdznNt-EZcj4SSHVa0PT699vc7K4ni-1ybb8Fj1hAVj53nGu3eqNbWyPKphJWR-FbM0JquMHZPKH7KXZ2HkVqEAsDNUu2MNVIlZmR4YV3kJBwBf2WKNhkUaHAq_G8vU5p_N5XKxf48Mw4GonEaORUt9OL3geV_4vnq5OX1ICke7YRbdjnDEM8-wgkk4QlDwzAe4jz17oWvpEDwmAMUMxZXiAuUUHAt7VqKVedp8aThcKSqi7NuTTSeYZ5HzI_PMnYteSjw3WxwxOgC8X42EuEj_coJVxwdaTGYMVbeAV3o5w3cFdDV3InZ-2GdaiM6kiQvZG0hAr5-pHYzRbfIqOaDd6csu32reQwDPwIzAQMMZv9m2onBWGmZrT63T12X9x_Xw97k60q2MYrgemR8ZcGMnjOV73XrEcZe5RNTocpsJhMXoJhQPZXj0ebDUf-Rkkbo3qgXuUXzkC0EMeA3EkAIiloxIN9EoUQ44Gv8WI7GdoWpGuOdMb8ngLP1vF0DbZlVEk0uEDEqkrlzf7EHyPHVnzmp99EPYVOrd25M243-crfPSJFota8gpYs-prFXvq7MY3MPoc5AdMcWFKS3T1R2EQ0gmUHn0o8ZZd2HSeDb--tvruKsStrwNflyOJGNeWIh6hY-IxMEjp3uyR7dYEurMl_lwEkMc6U9G5FDhfwyXAJgepO65LTnTR89JSvZ5UK_XKi0DgjQV7QPuhj1wTXeikQXk5U5y56Su-IAm34VqU2UWdngX7RoCYbZA6dtEUic9jNsbY9ybhn8FAqMBGVoLI0tJgaloL6U84EgEoQU5aWTGLHVXTSKcB54L4bPhBY8itSd4CtW0VGJsEqbIvhlVKRxyWSU6VYxzf2dTGg4QaJM3jgf2S4hdFC6Iy43x94FAK-wd_SHovgTuyYlCdo5luXaMTqVcsNeK0F5-oZqMJ2dhy6OKLGyBDX25zHmRQuYVPH3tmRT5YT3w0BTXRjXTvD7zpQD8aQ8WpsXdqjcvWC9pd7JZdc_0g_IV1KNacsBxr98_jWzL0av3Lq9irlJ_QS2oBUYDpHrI7drSuHnw0xllEqlsW74s_FkhLiTnO9GeV_m5Oy-hHjyJ7BKa5QVlPHklBxY6uTFILQGwyd8_d9I-ZozW6nmNwTv_HuWwY0d0snGWIrjQc0BdguWKEqivABg11CFBrcABE2MwCMzS7wR4TYhqWL2M3swr0s4ZO-VgjIOzzrc9jZFGAaLBpkZ4iERgkUsjF-eErxZNCxO2y1LMvr5s_JqFN_TIfvMeTZLB-_O8QxhvWAmWwXltI42zEvzh4tjRtsWoL9I509LdSreJ4JYpoQTi7eSZO7msNgZAYeGi6ULKZHLACEDn-COytyh46-XMlHXB_TaojbfNM8lm8h2lGrBYrz0tRs3HvS2Vo_MQFa_X12hziFIFKHePzy-3OsNT1EMQAMqXSMlnT254abFCI05OcaEAs9Oh6lwFAB5mTMEZBZOEjjwWCvk0j7KKk6pB4o1D3zz9sbCm8KnhzAzUjkwt76KabynJRt76I0wxRprKA6Y5MX9MD721UwWw5viNz2VLNIcuNmbkfY6foF-EyH6WTRCwKKun_fw90ccB8K4W4u3uM5oL7KJQfERXhcpsc2rIeewf3HoxDCGj5PY4U9jmUwRDMK0gSK0WCfsTsd5lUiVangWLcpLU5OrfW0Yh819XGbvMb5089PwhEw9JJ2kEAuAPtsMaQWp1SscHYbmbZajP-pXuu1ivFGM4FDrK8Y0DxyMjNfqfeKPj7oYNXunvTCTk26o4PAgmDHjLN4g26IKogIE8zYhv2E--sNzc7hDj6rSJqFk1RwWGK1XhdH2VLAIcdqIogmSzdFPD0EyJlc_z7jcER3OOtc78aE0gt_feGAvC0S0RKsuVUR_9HOj3-pjnKUe_yCT-kAB-2uGXVBaFnCY_G2aQAtDKqfHCfNouxxQ7g0vGTrAvW4JGJy_vt6N56NTxxN2RbyE0AFz_JGGGkBlqctqyUrvQCXtInRdErifuSS4HGZtv-sOGyRmczkaP8JAFuiHVvFlHprAw8D5VFtZKSsHX03DEwY5guEAtJRu9kYXJS31h2FRCIV5hCJSU_KCyoP8i58qVv8HiLDGIWdsTRuI5UAAthGm1Y-1dkFMCNV1if3v4o_QpDTrGeTl9qcZFP-ZEMHDOOOVJZ9A2mobIs55JUWCQyd610djpRFvkwUmRe8uTaSUV2eyYgtvIiPjFTE22o9t3gLTI09wkdgf_IW8JOvkv2lDNQkFSxgDB8ezS5_THACud2R_mkTGH-5ReIrvaNn8rQ6kypYjqyTC6oTF-pavi3fZuqBHmlNOGNGsbGZWjoarrjzQqGFBuMPns50xULdtSywwRD3jv6CYKBQrA80p8HLvYXMfQDWau8VAnvzBucodlRpcR0_d6TcR2CPkvy9gg8OPx-mEgWxpwH9jANGZ8dqIB-OsUx2bozr40EVma_yW0fwyH4epsfub_GM3jBw3Hoof6lttq5eU6JHLq7BdRtUg3k4ceKbcrLZfK0f5NIydIySJWvsr-VgeKjMgfdvDC1PvwaJrWzUXtkzzMAOR8H_rHmCGXFa_vcR-Vq1dviHXFMh327epv6KLvjgCxbDfALr1bqCPljduxw2vQmSPbq5oMhgIgbPCqa74aCzSkylf_IQgXbuz5CR1ClzkO52nrynJPjVqHkurKgRNy1BIIqJVdEm5jfxdDyhcnmArtnM8ZNPg1eLsDeA9If9URc6zaaMs6LhoNjG7rFgtJnvOIACpzmBmB4jpAwAVLwS1_ulGJ53QNT8N9mq_FxP84sJOWFRidkV3dklnlRfk5fkS47gGXvf_X_apkcXLRTfERJ8tXRh4EAuO_6VhFuIMF3Bjze2dPlOorHHybhWEcJH255BiBO3XgnZ6BSdB_RRP8ETO7_DzblBc2G0lPw2wXp2364xW_jjA3pyHx9E6GqfVrcVjEg3CcreUfsasH0fcDsmdlaQTwpPZm9feY0i8fvSmwBdKuojttDeiSstRWmJ_bWlIdzjf8hBsXWkb_1kpTbKv1Y4guFxjusrbOAYwzdv1zaCxQFR6FmwmGgOIlqjaF37LSeRcOyvhJ29se4CB8_C79iQhHGeHYf5YC8FQUBRhWiMyQPfS_QHRD8q5X98HgS8xobf1Nk2uL-8w8alz-A7kQBUCr2bwM2Huv8YlKr891BgtYzuJ1amSak-SsGsMqrAV51g1yECk4dL_lBr_VrqKQh7PtxTvgS8IYfU_enpL-A1FF-C5gaGClNJJrIdKYHxY20qNpUJ_zbe-6f9hfD-T8WN7tKK-uVAFVOqbev7SCsMxD49CUYytU3-0zaaOkaiEbmFOOgJRRBCbHw3Pi0yHeW2U9Jc_mgWtiFr873KtwqVnwwduz63MFCqMK00YnIwgIdugXFhtzyeMnvXd4UYQ--x1BphjZXZWbjw38NK4zwIb__e32qJxhvPX7Gys2&cid=CAQSGwDq26N9rFqfscK2DmSxjcdP_rZSVCiGI-X3WRgBIA4&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

cafe /

Resource Hash

2d8d81f32e02535a5eda110d85dcafdbebfa1d3544288d9b495a4a4c586a4d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14564
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7263496809280235966
tpc.googlesyndication.com/simgad/ Frame 01E3 37 KB
37 KB 42ms
42ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7263496809280235966?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmmi--sTiMselaQPV3muU06jCJ-Ig

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=1642762165&adf=2692237670&pi=t.aa~a.3594524556~rp.4&w=1126&lmt=1666181799&nsk=4586be61&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83&nras=5&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6vgF0mfwS9&p=https%3A//rebenok.cn.ua&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

339f9de97d7dfa22cd934d7a2c1c58c401a31949c2fa895abf54f6a941859892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 10:11:58 GMT
x-content-type-options: nosniff
age: 439483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37773
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 07:59:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 10:11:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame 01E3 23 KB
9 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 12:16:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 01E3 3 KB
1 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 07:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 07:54:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 01E3 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 01E3 152 KB
46 KB 822ms
822ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 12:16:42 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 01E3 33 KB
13 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5aaa6e5db037a6b2b9e6e59e3d88fc05553f681615d6ebe959560d97abc54c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 04:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13731
x-xss-protection: 0
server: cafe
etag: 6374366346512913694
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 04:26:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 01E3 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cv-3QqOpPY_qINYrkj-8P1be-gA_xzIT6bLy5haGbENrZHhABIPnG1xdgu4aAgNAKoAHZx6D6A8gBAqkCKpjVGHb5sj6oAwHIA8kEqgTiAU_QmNgx1uPGSt5uXlFQF7IB7OoRNZCY3BjIEh10gv73Xw7RUbYLVx9K1uhBhqLfmVEmiECtPz5NHoWu1y2ohl8dDST1Ndt5RKDZi0Duau7TpUCvP3ngD9cgp9NYTL6TDMEcsLq6DGNAC4vPSKjpbZwy8234ijMX6SsAc830yLoL7O8ycFiQca7wSEPlJGEc9iu7H9AiSb5aiaojHp5BwzHufYNj3dyhAe8xao3z0t3OJ2GOm6QC6sEpDh20D1k6D9FTmcj5hU8MfEKlGZmxe5acnehI-5zK4BsDzRH8NdGyNL3ABNr1qa6MBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAf0vtQhqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQt4IC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItMzY3OTE0OTY0OTMwNjE2OBgA&sigh=FP5RDeUUFMk&uach_m=[UACH]&cid=CAQSPADq26N9JV7DHZGlsIJfyHFxv8p8XV7ZNhwdFkTPjqpWfbZqFIcss4F2WggWk-9tMCZmVBLFIze092taRBgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=1642762165&adf=2692237670&pi=t.aa~a.3594524556~rp.4&w=1126&lmt=1666181799&nsk=4586be61&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83&nras=5&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6vgF0mfwS9&p=https%3A//rebenok.cn.ua&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 12:16:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 03A5 41 KB
15 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxhVYvPmLvTx24RtK1AsHnlt35KeWY4UjKptWzSZQMH7UNDurzpnGK7C1mmGSTJbsC1_mVU8mE1tt_7WK7vrKrH4uRTWXpl8lKtLPuXBVmc1LBONeqZfsXM_EGEyOM3S8Zm1JQrB0kVTEe6QygVk4O_T4SrLssPht_6zwnAguahvlBHo0&cry=1&dbm_d=AKAmf-BppE0uBcv3bgdL7IQOV6WVDFckELrRe4mVrewie5N6mCO6ChgaXB41XiOq_9nVsfH7xUNsHXK9W0tcxdO4OqKi3NL2PcS6zocF5kBbomTZ01eY0IB6ddZtcfXBwRDLSd31rj004_gcQmnDwnS8DtN6QlhH8kdIurvAGtrrThgQ5XUe0BqygliriOu942BGlCy64AMA5-BtAZ0XI5udDDzDXtdFM4eyAuTXOS-ydPK3TkbYtSNPzd5MnpYzGNl7CEtx0tk3LTiHApdINvMCAmZcnQAEWWAI7bIiH6y7oj-xTU7dZMmne9yNvfjmxZcaaNuN0BPhpngZtYV3exqT9LoIE_O1BvmSb06KNkKUZdaVbfMjfGv30xgoaptqWuWY5fIn48cOj0SX3Ta2YvgvW5Gqrt5NCIDT2ff_yzq1YC_PEtaZszCNprTPgN6tCnpNsebhl_W5VLAD1Z_ax0K0UAW526Lk0tftsJylUibzgGQCYdj__f5Nrbw1CN5Esv15RyA84bAsr7M_aGYWK7BZ9yn2rNCArO2KUO2nG2KNh2n4crfpYzdGFMeZhaSQmsMOo0YrazkKuhBtbisQJ7loraqJBWl38aQx0wjQr19Ht3HpUvyUJjVajeL8tuUf6WR5hIzH9-8SYrE7R1Ie-Z2johT9cJzyEmkaT2gZ5DE4bwSXiVGHizTqiAKEUn81vVb8v-SEWI4_IhUY7q8BaY7XCR4M7wpiIZV6jvhvVLSCpHy3DN6H8i7wBSX9IpkXj-NsdyzIR7Vh151Rp1ZOHskqzD3EI86Xz0UCqHe1xdx0zuRvJ3iFlKuxlaaG3ZbbU5iaKFxv8AcyibHPjw98swFMDRuSTGv08KNcTvtwDpgQgip9UWYRLS1o_UFPOg1pAuuRJ_ONKrcndNzEyRdxspvrHznAML18dpV_q4pvmIbSQwtJnicxAzvDB2XEb9TrNpU1vMHRoaZDKAL0CpgN11OXRWybpUU_1SPMF7ew48jc0J4vPxkhQy1YL3b3cEGixPoMW3hx2Tx6wqhcuZISEXPUMh3Lpw3vgq7R5xL2hXQg3Px8uc9_ETW7F9kDR6d4M596T03cY3ERLFjB5cZSSOW7pMNIwcEhI9K6_9u_AOnBJTrZUYYI77Wb3AIregwUfnivPdQDgt19pGlqPCDzGeE1_56jstTG3P7IMrjSgmElQSd2K836lbgmYQnt8rjjJsu-E9sdjn_8eu-YVXgCKA3pKfZ9BOHkTMFCfV6WEPgae6MFeZFaKjz9nxO5Sth9ALv0Z39jlHm7YXYqdNZS_9W5-ARPffFskabf0Xhf2NAe3LSxQBThHZDgLdNp0ZtlSDyaEmaexnjFx9AdcJWASwautsePIJOFU69Lw3rlKnRJpQeAbGcI1tjy_jQos6aiucxQUuxdbZkZtU4U-Wtg5hQ6YunZDyLeMuYEoqOsdCHY8Ngp2hkRSytg_ORiH76s6b3ZxvBJHsUtWR5qC6rpiifZQaMXdpZF5wdmZIbMi4jJa7DoJt_pgCsPxtbK5NsEQpFZAlZyfBt5yquu6yi_z8Tcx6ujJjDIMzlninusOHWUWK6AVkeUfVK_Pm7SduLMBKri0log4FKQ1RuChF-J-cYFzWdJz2mlgkEOXXD6ldLKpAp9ASELg30DNfiHedX0ZTFSqDExlFioXLijXh8l8M_Vfn2v7jUmjghHIRt8V9O8qKSL9Z5jfV-0yjK0WIAaMk7g18dvpWC1A4CsoitK3pwh5S-lH9xriW5qEGuVnMT2bKSzOUWCp9tHTFPuz0qK4orTyVEPgXr_8rLFqOOpzyGkonPYwip6V8tmY-Fvey1ySe_OgbN1pTsviooz9ISpu0JYuqwjbpak231VweVVsMv1Drt2dGTTJlGwwZvGKoLzzCk52IOj4Gm8yixLZcQvzFUgbJc2tplIKAAEQjHgCDeFzr-Vuqwq9XcNIwDbpE5HVvWmfgv4WaOcFDrmpvHjJF5mOzKtqwOV2PiRJJx8qkzLOL5J_ySLrgg0A9AGIoQr7pSb7x7VDWYriKqB3tEYkvrgfw_bMycg8oqPS7AARhZVXtJM5wb-IlwR8IaHbk09X2vcLHJqafwpxR0cJkP_1lOmSE4gZYuWKluby47FdSQO0GPsJNfkvGEABHUie4VPv8ZfZIAkNfC7NT5_ttsIE4tCbfOQV2GpD8tg6-EIBlpdWAmJP8xptJRidXAbv-Ghqa688ztEPFDoy2AvZ1nJn-6Go5N4nhTFY6hY7O_SLn7gAUjfVzRdfrCnGKQlV7VQ8Ba3YzYEAfsZNK0izJYSjGvw0QwBbKb49GoahKyOtl3fjb4vdD0BYHGmhlUinXLQZPLqoXGazexNxkRCdlU4bqLex1mcZeKHZOCaZRjPk9drJGpLfB17bYnJ47ulVSroldcA8rgl_8T6R49wEr9x3Mj-6kxrfApMvnIfm6HnKejmm9LI5uuoZ74U7UbEYLkWN7yW9gLpAQKOqA-MSdpfn03WmMtJ2xL_lS1Y08MO-I4F7G69Hc2OjlE-zIx7Pfmp-9Eieus01LgS0LRuIRfpZtZEo42Axqv5T6Y58lc1Zi6vNl2pdpkia3aGn5_jPtSKXInu8shuaVWPnJexbhiPRC64fyds7GPE2B3P_t_EOrZqdkGyEqxs36kcLBulCznMhTck94tF71oVylCZXzKk7fIU3eKk4Myltm2UPD7gV4P5dpeEjWZqW7A7EsxYeN8u-FPHRfhYnITx9_z6o7EoQJnp6RRFsILp8YguckNdAN6oDEGctjkNQsDKgIQzFXhhQ_kwJX1gL16Hi0m5Ej-v5_hawoYX_X5escj4tOe9DXamHY7NFJbtuf3OkF-WfzURbRx09iz3iwvw7tIikfD-ubv8RQtZLWe8TWjLefwXLNfmcPlJ1ofXiqnvRMV66AEZ-uefrjCJpq4&cid=CAQSPADq26N9bzLD6XjvtVUCiU4fmqZFcXDhOdWW7TuUz3C3n2JwICuMo21Q9oczwXoqpBFVNkm6FWfZTcMAvRgBIA4&rfl=2%2Chttps%253A%252F%252Frebenok.cn.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:48:08 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12707307691418431746/ Frame A3C8 1 KB
1 KB 119ms
118ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12707307691418431746/downsize_200k_v1?sqp=4sqPyQSSAUKPAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhYILBAsGAEgAS0AAAA_MCw4LEUAAIA_&rs=AOga4qm1nSmMGvxBUy6yagng0Im6dh_w2Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b59c2703167f01b6d7b987074df9d33f8354207cad4739af173c5887d1ca76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:41 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1406
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 09:01:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Oct 2023 12:16:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A3C8 0
0 88ms
88ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChwqzqOpPY-OcNZmi0_wPz5m00Afeg-b1bIrN-bXYELPb3cK-NRABIPnG1xdgu4aAgNAKoAGa3s7vKMgBBqkCKpjVGHb5sj6oAwHIA8sEqgTzAU_QmCR_rQJM28rWSAzu6bRUjOGkhQUdxpr-4U2BcNqs8dFrCnYh5b2-d0c2t9636vBmgXxtNwRTZef427LnlVfELONw4ipMafUUv4E2JpRHRmQ_lZ0aypg33FMUoIsa7n4QyZsTzAO3G-_hiuVAJ9JE899TuKP6TmghiRJZy0BRuWefJiexzxF4K9OVHkvpn9s9dmknxBUVMJtRH5CMfF3uPuwu-gvfBVLHATvkdDWWC3gLgJ9J4vxGzj2B2aH79qjMJBSe8CtzAwPvHM1OpUi7FcuObvP2jA5DmDBO2AqbVqTLJxQqJhIX60QXE5gg-m4SA8AE-5z3j5MEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB5qWn88DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ_cYD0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzY3OTE0OTY0OTMwNjE2OBgA&sigh=m-JP768KX-M&uach_m=[UACH]&cid=CAQSPADq26N9J0lgDqFZlMP8mANyQavYSMTrVJ1KoGbIiG62ChXuBHSz08_ms9ZFTvpx_DK8gXIrFoWtm6aUaxgBIA4&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=83&adk=1704753671&adf=4039964389&pi=t.aa~a.2099106092~rp.4&w=1126&lmt=1666181799&nsk=c76d1a55&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x83&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=2&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600&nras=4&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n8lCS3QYxI&p=https%3A//rebenok.cn.ua&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 12:16:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3C8 10 KB
10 KB 61ms
47ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 12:55:48 GMT
x-content-type-options: nosniff
age: 170453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:55:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AFEA 143 B
166 B 42ms
40ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=1642762165&adf=2692237670&pi=t.aa~a.3594524556~rp.4&w=1126&lmt=1666181799&nsk=4586be61&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83&nras=5&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6vgF0mfwS9&p=https%3A//rebenok.cn.ua&dtd=24
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 11:50:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3669 1 KB
643 B 43ms
41ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 13090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:38:31 GMT
etag: 48472445140208031
expires: Thu, 20 Oct 2022 08:38:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 01E3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66ec09bbe1c7cb1644f9532c2b32dcd0ec2a8675bfa958f7aefc40500689bb4f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0522 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 582035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3669 35 B
463 B 140ms
41ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGi8jHyQxu2MI6A7lSftraw&google_cver=1&google_push=AZmPxg9X9Y5TkBe_jcKvzFqyuxHeTiza9MNnxgd4oYsM9Z8GkaaAbuZMcSvkDL8UwdqjPp2H-Aerkf-IsD31C9HIdSf9367vELw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3669
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEP5ifbXD5aiokCVe6LfkwnE&google_cver=1&google_push=AZmPxg_FFTuBfBg8fr379xfPiQYXLCZllH669gvBDJypD3iCObxgFRZqepyQ4GgC34goz0h1m17oBgsIR3ZjV-Qqjs0VeVvaPLg
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_FFTuBfBg8fr379xfPiQYXLCZllH669gvBDJypD3iCObxgFRZqepyQ4GgC34goz0h1m17oBgsIR3ZjV-Qqjs0VeVvaPLg&google_hm=Q0FFU0VQNWlmYlhENWFpb2...

170 B
188 B

56ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_FFTuBfBg8fr379xfPiQYXLCZllH669gvBDJypD3iCObxgFRZqepyQ4GgC34goz0h1m17oBgsIR3ZjV-Qqjs0VeVvaPLg&google_hm=Q0FFU0VQNWlmYlhENWFpb2tDVmU2TGZrd25F

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 12:16:40 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_FFTuBfBg8fr379xfPiQYXLCZllH669gvBDJypD3iCObxgFRZqepyQ4GgC34goz0h1m17oBgsIR3ZjV-Qqjs0VeVvaPLg&google_hm=Q0FFU0VQNWlmYlhENWFpb2tDVmU2TGZrd25F
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3669
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_GzxCTNwrKrwVSm9CdiYGV471SwO3RJxxlKaxPo5D3RoALFtfCy7l8U4t3baI4LGfeTZTdIrnqUeSwwwgd3zppxZCuQR4&google_gid=CAESEGDi76QCCPZE_ApsXYvgox4&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKnVv5oGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWm1QeGdfR3p4Q1ROd3JLcndWU205Q2RpWUdWNDcxU3dPM1JKeHhsS2F4UG81RDNSb0FMRnRmQ3k3bDhVNHQzYmFJNExHZmVUWlRkSXJucVVlU3d3d2...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMlJYbHhnYlJlNzBNT3RRamotR3ZlSzV4SzJhb2VMYUVkcmg2NXlsY3RHUQ==&google_push

170 B
188 B

55ms
54ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMlJYbHhnYlJlNzBNT3RRamotR3ZlSzV4SzJhb2VMYUVkcmg2NXlsY3RHUQ==&google_push

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 19 Oct 2022 12:16:41 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMlJYbHhnYlJlNzBNT3RRamotR3ZlSzV4SzJhb2VMYUVkcmg2NXlsY3RHUQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3669 43 B
351 B 99ms
33ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENlSaAJoOfs49fv8fbiAqG8&google_cver=1&google_push=AZmPxg840l5LCrItk-hy9jpQe5aZ-q6ZdWmKKwrhE7gj097Ig1XRWsT_hemyGCe_pv8gMqEHUzjk0_moko1MxYuN0_KxiJcsnFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=1642762165&adf=2692237670&pi=t.aa~a.3594524556~rp.4&w=1126&lmt=1666181799&nsk=4586be61&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83&nras=5&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6vgF0mfwS9&p=https%3A//rebenok.cn.ua&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: h1vnst5bji9d50p39i0lftmsq1hr9n6h

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3669 0
166 B 161ms
35ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDeUMpEwFZkidoyjnPMGPtI&google_cver=1&google_push=AZmPxg8rwcVTmucAID9oTZojO8cfJARKvlpkMgZN_K_DJYUNrYIr5OC8ahAH-BVOlo14XzPhNzqu3nrqzToKPCd5yFHu53tJ_Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=1642762165&adf=2692237670&pi=t.aa~a.3594524556~rp.4&w=1126&lmt=1666181799&nsk=4586be61&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83&nras=5&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=2201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=6vgF0mfwS9&p=https%3A//rebenok.cn.ua&dtd=24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 19 Oct 2022 12:16:40 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3669
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEILgLROVZnVr2ruMLtZsVz0&google_cver=1&google_push=AZmPxg_JtqdRE7nY7fFN8NA4PZZYQ5brp4Nsju88OJvwB6_LYlkaf57crS7iJMTFbmO7m1IImsg...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JNkotMjItTUQ5UA==&google_push=AZmPxg_JtqdRE7nY7fFN8NA4PZZYQ5brp4Nsju88OJvwB6_LYlkaf57crS7iJMTFbmO7m1IImsgXj9ClUMeSfuQ2Sw1ivywTgg

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JNkotMjItTUQ5UA==&google_push=AZmPxg_JtqdRE7nY7fFN8NA4PZZYQ5brp4Nsju88OJvwB6_LYlkaf57crS7iJMTFbmO7m1IImsgXj9ClUMeSfuQ2Sw1ivywTgg

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JNkotMjItTUQ5UA==&google_push=AZmPxg_JtqdRE7nY7fFN8NA4PZZYQ5brp4Nsju88OJvwB6_LYlkaf57crS7iJMTFbmO7m1IImsgXj9ClUMeSfuQ2Sw1ivywTgg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3669
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJvr2AhE4bviASMqAVDXooM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJvr2AhE4bviASMqAVDXooM&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg8F0oAGpZiLYIamPsPgHk0tebQAUfeYg...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJvr2AhE4bviASMqAVDXooM&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg8F0oAGpZiLYIamPsPgHk0tebQAUfeYgtndOuLtRl8NiiYe90Ex0nZi29ty6En3b1kCw7HaUOnF3F1dkHVQ8ME2sgsEdg

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTcB449LYOaW0jTEHU60cgqmUmxm0NBr4jD1fgSoEAx6%2FwxDdz9gcYSxFcKMcOu43zxAjsa8AAvDaeo4E92ynpRwtDnW%2BW9L8N06HaTaAnTBf%2BFoWExTOPglPjqPOQPZSS97KpRNfbZeKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJvr2AhE4bviASMqAVDXooM&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg8F0oAGpZiLYIamPsPgHk0tebQAUfeYgtndOuLtRl8NiiYe90Ex0nZi29ty6En3b1kCw7HaUOnF3F1dkHVQ8ME2sgsEdg
cache-control: no-cache
cf-ray: 75c97243db7174d5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3669 0
12 B 132ms
49ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0DfEB5fLNT_gm7DTPxq2Gx98vCDropAvRuKlVQQSB4kmx4wiRmeRT2moQi6WSRIfePQ4g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AFEA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
56ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:41 GMT
expires: Wed, 19 Oct 2022 12:16:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:41 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0522 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H/1.1 200
OK 63291846 Show response
unified.adsafeprotected.com/v2/1048812/ Frame 8CCA 47 KB
18 KB 291ms
136ms XHR
text/xml 3.248.56.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/1048812/63291846?omidPartner=[OMIDPARTNER]&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&originalVast=https://ad.doubleclick.net/ddm/pfadx/N5547.612085REGITAL.COM/B27811090.336865591;sz=0x0;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.56.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-56-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 10a72dcba4fdb4ca6d1adc956ecdd5276f786d32fa60c0ed10f4d341866e6b40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:41 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 17788

GET
H/1.1 200
OK dvbs_src_internal109.js Show response
cdn.doubleverify.com/ Frame 03A5 59 KB
19 KB 44ms
44ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=28085862&plc=339901543&sid=5549275&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0hmExBNvHPfJSE7wkCnNtu7&c1=4845432&auorder=1006889571&aucmp=17047376584&aucrtv=432190061&auxch=1&pltfrm=1&ausite=20305045059&turl=https://rebenok.cn.ua/&aubndl=&dvregion=0&unit=160x600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:20:14 GMT
Server: Microsoft-IIS/10.0
ETag: "03bb312aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19455

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 03A5 1 KB
899 B 168ms
48ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_164573497600&jsTagObjCallback=__tagObject_callback_164573497600&num=6&ctx=25334725&cmp=28085862&plc=339901543&sid=5549275&advid=&adsrv=&unit=160x600&isdvvid=&uid=164573497600&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=99&bridua=3&dup=null&ppid=103&auevent=ABAjH0hmExBNvHPfJSE7wkCnNtu7&aucmp=17047376584&aucrtv=432190061&auorder=1006889571&ausite=20305045059&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&c1=4845432&turl=https://rebenok.cn.ua/&chro=1&hist=2&winh=600&winw=282&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&prr=1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTauC636%3F%40%3C%5D4%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauC636%3F%40%3C%5D4%3F%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=6.30&aubndl=&callbackName=__verify_callback_164573497600
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ebbacea7cea4a0a8d29fd5bf50c630479f854c40dc67b38bd0b04d9e845c2b2d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 12:16:41 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/18/2022 12:16:41

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0522 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-ZweqepPY9n_D8bO7_UPzLC90AkAAAAAOAHgBAI&bg=!rK-lr-vNAAYeOJy_Pjg7ACkAdvg8WpCxETdnToRjh9G15gkvF2xqqhWVGc32G83qIvG5H_XafjVG6QIAAABLUgAAAAJoAQcKAKLUOLnREgLl6I6vvXLJR0WM803PCh_oIaOhPhmwDSWthxHkdeYazfNB-u94I1n8M3JjLbbOUtutdZ0DCmR35fcU05QBq46pa79Pvqs_2qYjq_TpiJs447TvLrNpJYf6cDG5qSmQ5WWRJOTIUpO022KQ5p-G2LmDLf5_0qTVIzlqiQK3AW_gq3NUlmLAwF1LkPBN2b-PTEjrDhI8iewmZwerXJyZAuDI8spmMoDA69KT0sXzeTovs2NIGT2Um1zOhqj4X63SqF3NzSe_BOCILCmWOL-38sGvpLS135wngIR0bolNQBkI6Pwq5ewiAtSofwK9M4moxxLOiT-yrVlelZLM4vyVL99QTDGhugmBYTlEdX4bIOV2giA5uv1HZN6nZpRKTbmaJifLxi8KGjdHRPYy_ytH2caMEjgYK9TlVxdZx66lC8KTGHMGSHqufm5dyCWFWZPbQZ085JVXeStUsK35WLO3kd7ORxWvuaxCinPTCg9nLDPq__RQySINv9-xGigkNh30KsOpRyQrA6P7Jp7UQnncBgIRWWQlsGIWK6yO6josL1Z40k2QbbV6HL_Tbti6O4rImMF6IPjxlxnsAU8XH1HcVmYDGwC4BwnluypHhpYDmn4-Sk29VQdpvKH9Ja6G27j7T4YDSV97ns6ZGdQh9h8fuoygEGd7y_8RbcyL5BRzlsXOsayVp8LPxXjH_LoCT6r8hFB-vIv-wxoD0lPPXNhuHVoQKMmS4AdtHZ86-ZVT8uZbd7os0dyvucIurn8vSeU2GPKOd4X0zZvymY_OsoOTeh_rH0tzDyfjLEmynipfbsfv38USMJjLvIKYfXeCZtCqULiV2PoNdTaP9own22UJRpU78wlM4qdiYV7PxEdOfdiRtfxamBaMh-qb7eVC_v_ICMX8jDSYoxAzZD3hiV0J2XVptweIBgViFieD4I6EiGhik3xsOqdbMvainFvxVJdjoSWX5RlJoUNRes9Rg8oxsBXl4B_7EFiN5RDF4_njdpeMQbxhI9v5eZRTzwli6YglePgXNkbTg3X9z67osIUn6ZX4dXfCBVDAnd_pfDZEAdGua-ZSRsB9nB4ZGQHkXKDnuQ8GbYdM9aDsOeL4e3kUGB_7JBBGvL19QdB6rmkAUq3l2iLFfm4H3Fn1eDcD4Xv1f3Th5VNqQ_6WnsGH0qusjQZBIE9DT8NqclzJrgiFZd2T

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 03A5 28 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 11:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10831
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 13:41:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 19 Oct 2022 12:44:15 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 8CCA 41 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 11:28:47 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-aigl6ney.c.2mdn.net/videoplayback/id/b561087e1a89ff4f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797315694/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8CCA
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b561087e1a89ff4f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797315694/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-aigl6ney.c.2mdn.net/videoplayback/id/b561087e1a89ff4f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797315694/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

137ms
28ms

Fetch
video/mp4

2a00:1450:4009:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-aigl6ney.c.2mdn.net/videoplayback/id/b561087e1a89ff4f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797315694/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3FF6A2DDAC909C7AF41CA16D0074DF6725D011BF.1746436A470FD546688E81E6C7C8EA327A2D6306/key/cms1/cms_redirect/yes/mh/De/mip/2001:ac8:21:e::4/mm/42/mn/sn-aigl6ney/ms/onc/mt/1666181351/mv/m/mvi/2/pl/48/file/file.mp4

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4009:11::7 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:42 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1481752
Last-Modified: Wed, 18 May 2022 09:52:59 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 19 Oct 2022 12:16:42 GMT

Redirect headers

date: Wed, 19 Oct 2022 12:16:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 646
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-aigl6ney.c.2mdn.net/videoplayback/id/b561087e1a89ff4f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797315694/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3FF6A2DDAC909C7AF41CA16D0074DF6725D011BF.1746436A470FD546688E81E6C7C8EA327A2D6306/key/cms1/cms_redirect/yes/mh/De/mip/2001:ac8:21:e::4/mm/42/mn/sn-aigl6ney/ms/onc/mt/1666181351/mv/m/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v91.js Show response
www.googletagservices.com/dcm/ Frame 03A5 61 KB
23 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v91.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 14:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23646
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 14:40:45 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3F9F 23 KB
9 KB 42ms
42ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 473594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 00:43:27 GMT
expires: Sat, 14 Oct 2023 00:43:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B9689862.280626343;dc_ver=91.268;sz=160x600;u_sd=1;dc_adk=497053800;ord=1lpl9d;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Frebenok.cn.ua%2F$0;xdt=1;crlt=7a4... Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame 7B40 54 KB
25 KB 189ms
84ms Document
text/html 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=91.268;sz=160x600;u_sd=1;dc_adk=497053800;ord=1lpl9d;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Frebenok.cn.ua%2F$0;xdt=1;crlt=7a41SaZ'lR;stc=1;chaa=1;sttr=55;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

65a6d6f55a819181a6c95b40f216cf68445491ef16768c4fb7b10a1cc35b1101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 25567
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements3094.js Show response
cdn.doubleverify.com/ Frame 83EB 545 KB
105 KB 50ms
50ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3094.js
Requested by: Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 12:16:41 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Sep 2022 19:04:54 GMT
Server: Microsoft-IIS/10.0
ETag: "0cf338991cbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106974

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0E45 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 13090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:38:31 GMT
etag: 48472445140208031
expires: Thu, 20 Oct 2022 08:38:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 03A5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dedf2eaeb77337bf98e608a642a438bfa88a3e46abcccda8e2d6f4a36f36e9e1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F9F 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 14:11:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0E45
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP1wuSq1Cag9m6UZCbIkUQE&google_cver=1&google_push=AZmPxg-xS6FIFST4jb0cavkm4GXxg3igSX_jyJ518fB4w2kAfVjYwWR6o5...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-xS6FIFST4jb0cavkm4GXxg3igSX_jyJ518fB4w2kAfVjYwWR6o5hbhnFMnCA9sqLbg-BzT-kN7rq9zEZ3M1qHBqVUp3QUJOhNsvvvQZg91iuD6LGPS01...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-xS6FIFST4jb0cavkm4GXxg3igSX_jyJ518fB4w2kAfVjYwWR6o5hbhnFMnCA9sqLbg-BzT-kN7rq9zEZ3M1qHBqVUp3QUJOhNsvvvQZg91iuD6LGPS01x2UvAFCNBIraKpOdls-VXPD6kW2PufjQ&google_hm=8E6KnS65l91itV3Gp_Bplg

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-xS6FIFST4jb0cavkm4GXxg3igSX_jyJ518fB4w2kAfVjYwWR6o5hbhnFMnCA9sqLbg-BzT-kN7rq9zEZ3M1qHBqVUp3QUJOhNsvvvQZg91iuD6LGPS01x2UvAFCNBIraKpOdls-VXPD6kW2PufjQ&google_hm=8E6KnS65l91itV3Gp_Bplg
pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0E45
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJugUE31MfpYnCo9yFePd68&google_cver=1&google_push=AZmPxg9S45ufw8ISinQ9b85p0drP-jirmPpgsjcnTrCBoHzvKKTMBMYys4l-05PWkc1GFjHjg9U7cIpLtQRUM2xGPzWj-sN_RW8s4...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9S45ufw8ISinQ9b85p0drP-jirmPpgsjcnTrCBoHzvKKTMBMYys4l-05PWkc1GFjHjg9U7cIpLtQRUM2xGPzWj-sN_RW8s4oYykPGp7uKAmKPwWmATMgZvm89lC5no...

170 B
188 B

53ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9S45ufw8ISinQ9b85p0drP-jirmPpgsjcnTrCBoHzvKKTMBMYys4l-05PWkc1GFjHjg9U7cIpLtQRUM2xGPzWj-sN_RW8s4oYykPGp7uKAmKPwWmATMgZvm89lC5noMKWLD49qrSvypbcZQXow5w&google_hm=Q0FFU0VKdWdVRTMxTWZwWW5Dbzl5RmVQZDY4

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 12:16:41 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9S45ufw8ISinQ9b85p0drP-jirmPpgsjcnTrCBoHzvKKTMBMYys4l-05PWkc1GFjHjg9U7cIpLtQRUM2xGPzWj-sN_RW8s4oYykPGp7uKAmKPwWmATMgZvm89lC5noMKWLD49qrSvypbcZQXow5w&google_hm=Q0FFU0VKdWdVRTMxTWZwWW5Dbzl5RmVQZDY4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame 0E45 42 B
60 B 41ms
38ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-fsU8f-LSpEMS4qyTDeTJhL-7nABwSd7o6mJCXJIkF95bkx995VsSYElogDwQn_YFZMOOjcmcl5rOYQpUsTZ6omCkKkVhgN3vqIxVBZRevavfijjUEpysL5iSy5bZ5SlxPpHU2Du68A1uLLPSTqK4&google_gid=CAESEAniPwGZroos2GMEqq-9qls&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:41 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 0E45 43 B
356 B 126ms
40ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENX-W7TTGg44y94-0NNMsTw&google_push=AZmPxg-3DxpGgK08pQTbHSzRP-hcKgD7OchVwYAGTlacnqdM9moT_3BsYTB6y83VXwGDPcS5fMODvrbM-O3s9L-8_d8mHsGC8a3mShfHuRKyDRLYjmUSm-OCPNZWAn-xFWcPSdvTGK3iuWbKDRK0tlW1mNc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 0E45 43 B
64 B 67ms
35ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDbllU4VZxoQic-B_dI8-rU&google_cver=1&google_push=AZmPxg8jH3DPr720aI56R9jjygL7srdROHMvICOqZMf_9sYbZ7bIXGJzUIDWonq3MvM0n9Dl__32he9-Mer9n7WTE28wv28peXPy_4loiPRR8EenonAO1HW7buw5vET86iFYfRiXsniO1cPi4hM9s0LjiA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:41 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 57isaeuob1ldf40b9suo5hnssmnntphu

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0E45 0
41 B 37ms
34ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAvSirnntW7Dl63o8bzuYN0&google_cver=1&google_push=AZmPxg8hIhBtFAHLnl9Sy4LoXybxDahe-ym206JEv6dPsi4hByq6h337VInhRfmK1qmGnkZqGUmf_1dVk8zUkfZc52jdTmpbVLGyV8aC7HlAGn519CNwS31a1rjfMj_CvrsHQm96v9r-3OaQk0SItLikWb4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=600&adk=972993429&adf=340709956&pi=t.aa~a.1642843899~rp.3&w=282&fwrn=4&fwrnh=100&lmt=1666181799&rafmt=1&to=qs&pwprc=6014074186&format=282x600&url=https%3A%2F%2Frebenok.cn.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280&nras=3&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1227&ady=1205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9EuhPgbLoJ&p=https%3A//rebenok.cn.ua&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 19 Oct 2022 12:16:41 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0E45
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIsFfW24DEQNXO4YD5XRFaU&google_cver=1&google_push=AZmPxg_AekUlG0WfZUuJr7ZssV-_M2SFzzsSV6COS4lGuavzQKDkD9OChdgU4JmG6pL54RftjeB...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JR0YtMVQtSVo5Vg==&google_push=AZmPxg_AekUlG0WfZUuJr7ZssV-_M2SFzzsSV6COS4lGuavzQKDkD9OChdgU4JmG6pL54RftjeBRDeqbLgv1p35TKgUUUsWXApEGq...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JR0YtMVQtSVo5Vg==&google_push=AZmPxg_AekUlG0WfZUuJr7ZssV-_M2SFzzsSV6COS4lGuavzQKDkD9OChdgU4JmG6pL54RftjeBRDeqbLgv1p35TKgUUUsWXApEGqbuzdOUlfeShP8AM03IK21CP99xSqIfkBPvAD0iUvGPVDUGXGWnD2bs

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JR0YtMVQtSVo5Vg==&google_push=AZmPxg_AekUlG0WfZUuJr7ZssV-_M2SFzzsSV6COS4lGuavzQKDkD9OChdgU4JmG6pL54RftjeBRDeqbLgv1p35TKgUUUsWXApEGqbuzdOUlfeShP8AM03IK21CP99xSqIfkBPvAD0iUvGPVDUGXGWnD2bs
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0E45 0
12 B 54ms
51ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlzJitQy0rmlHohczZrl9nMCrSt5OmKmEM4yhtEkXhVOSUmf6gWRaDkEUvukwgYmeLuNVl

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 83EB 694 B
703 B 151ms
54ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=142&ttfrms=30&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC636%3F%40%3C%5D4%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauC636%3F%40%3C%5D4%3F%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1666181802043810&jsCallback=dvCallback_1666181802043755&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=160&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3679149649306168%26output%3Dhtml%26h%3D600%26adk%3D972993429%26adf%3D340709956%26pi%3Dt.aa~a.1642843899~rp.3%26w%3D282%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1666181799%26rafmt%3D1%26to%3Dqs%26pwprc%3D6014074186%26format%3D282x600%26url%3Dhttps%253A%252F%252Frebenok.cn.ua%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1666181800746%26bpp%3D1%26bdt%3D1377%26idt%3D-M%26shv%3Dr20221017%26mjsv%3Dm202210130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dce610df9248f2ff5-22b6951e4ace00a6%253AT%253D1666181800%253ART%253D1666181800%253AS%253DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg%26gpic%3DUID%253D00000b7577243b58%253AT%253D1666181800%253ART%253D1666181800%253AS%253DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D2552228943737%26frm%3D20%26pv%3D1%26ga_vid%3D1065341134.1666181800%26ga_sid%3D1666181800%26ga_hid%3D1241293373%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1227%26ady%3D1205%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C42531705%252C31070415%26oid%3D2%26pvsid%3D2617035776689384%26tmod%3D1749024509%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3D9EuhPgbLoJ%26p%3Dhttps%253A%2F%2Frebenok.cn.ua%26dtd%3D16&fcifrms=8&brh=2&sdf=2&dvp_epl=242&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://rebenok.cn.ua/&c1=4845432&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0hmExBNvHPfJSE7wkCnNtu7&aucmp=17047376584&aucrtv=432190061&auorder=1006889571&ausite=20305045059&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=4596013256.836169&dvp_tukv=26047762.189931232&dvp_uuid=18988753.753246445&dvp_strhd=0.40000009536743164&dvpx_strhd=0.40000009536743164&dvp_tuid=1660954593506
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: c17110ecb4dd8937867055f2c8c118e226f789ff94ae3e00f6458c64592aa971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 12:16:42 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/18/2022 12:16:42

GET
H2 200 16441750131771963665
s0.2mdn.net/simgad/ Frame 7B40 40 KB
41 KB 131ms
41ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16441750131771963665

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=91.268;sz=160x600;u_sd=1;dc_adk=497053800;ord=1lpl9d;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Frebenok.cn.ua%2F$0;xdt=1;crlt=7a41SaZ'lR;stc=1;chaa=1;sttr=55;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d162f1a957634c9f376091ae016a94b3bb7e9b11830eafef203201156289f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 09:26:38 GMT
x-content-type-options: nosniff
age: 183004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41202
x-xss-protection: 0
last-modified: Thu, 26 May 2022 20:27:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 17 Oct 2023 09:26:38 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/xfa/ Frame 7B40 10 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 01:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4037
x-xss-protection: 0
server: cafe
etag: 4842123143989086801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 01:14:53 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/ Frame 7B40 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 08:38:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B40 152 KB
46 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 12:16:42 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7B40 0
575 B 182ms
78ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKVm-0Qtqjw1O4GQZ5ksufk-FYXrTp-9mXzmXacbvCYQL3gtTHz5ks-oV2RbiFfUAX_4sniQv5vq2B0dox62weMVGJWwO4nLhmRIpLEIzgQQ9gWO4CjYDDdlfTIlwg4r8oUDIOgQ6xpJoXTnjT6beh1aqfHuLN&sai=AMfl-YRefuI1gQOoRNCgfxonkDolYC4Mbbx3HFlIEXxyQyuXH5rwbLpiVpjDUHypSpDyTJsIIF10Alk2HuV8xwqUy2KjZpLmZCC1ZK9mhwES&sig=Cg0ArKJSzHwvlqeTyfbBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221017.85071&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7B40 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:48:08 GMT

GET
H3 206 file.mp4
r2---sn-aigl6ney.c.2mdn.net/videoplayback/id/b561087e1a89ff4f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797315694/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8CCA 1 MB
1 MB 58ms
28ms Media
video/mp4 2a00:1450:4009:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:11::7 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a4ae30d4e04805036f9b2da3dc9ebba91a6d053be14812a65b28d2f64f23ef59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 19 Oct 2022 12:16:42 GMT
date: Wed, 19 Oct 2022 12:16:42 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1481751/1481752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1481752
last-modified: Wed, 18 May 2022 09:52:59 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F9F 0
22 B 78ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BghvoqepPY5iJGsed-wbw646gCgAAAAA4AeAEAg&bg=!ammlaS3NAAYeOJy_Pjg7ACkAdvg8Wk70yqadoV0PxPRXTIiQ_UDzFH1R8qQTbRSb-bEuo1nK9tfTeQIAAACYUgAAAAJoAQeZAtz5o3ABa4NP0VJLsH0gzZ1reaQP2kK8LDG5WVleQIlpoHEy0-Ew_AcFn2NWI_IG74vGf61DjZ2pltnCiWKzW8OxMCmn90Y_9E6n9xqMP-wp1ctdsZtQ7jV1HvtKuCjIX22_Mt8nOezZ27Xf12mfkB00nTlkNh8cO2RcnLOqJgBoIQnSEx0cgFdrHhoqoTEQ8KDfhjVaALKgUkiNN846lI3wJZjots299vzxls-4GCy4XrmR9DEtWVjK9PBpywZnofuhmtPiDlHyRzroaLVE1RLYP6QLYu2QgAfXosyHEj8EZNqNphGWcEFtsKDGLaQeLHRhGwxikmSyVqVT3i8wjbeKofKysiiUnwleaFfztOQR-MO1o_4KmsKBbTjO3VrKhP-AHyAO9PXDq-Ge4w-6vyKKnQRDK0-Py-kFzBlQPUZPLHXnpv4sEdOiJ_zFbF3iPVYCxKs5oMndYRVYrwcMCn74tbwwii0OwsttcENoyck-luveWfe4MvbVO0iHkco9-axrbxMsTXjlAZ9c4OGXyOviy7jN7wwyHv7OsSMRn48_2vcCFIWuMtDQcgG0nCqLYi467PlOeAbRAOCymZYL520FX-6LfSRow9a9w0w4Ib40uIltAgZo38BvdEhEFVikOG5lnsgwgQTNBJmO2CjzS5IuUVF4Gt2kbnv6_mjDIYwE9pI7d-DZx4wUyEveV1qJj1o-J6xUcMh4HxhJOjRVKog6gzpMATwD2vLbNVfC_i5keXdUBywr8VcA4yrLEQNp6hQ8wQS_FKGNxvQ6-XkAXhQKwu1xmr6h6mpQaBHZShHw1yOeQzd90Ig0cHiRCWUCXJHFysc3xkTmcHGR38ID10zSgQRz1wIhbJWPX088EYf03zo6xDctbnb7wu4g8zJ0aCwHrpJrn8tA4FjzgVnnvvIMuBK-wdyBkOKo9G2mf8605QVlku032ftt-EBnRuM-amRfp1BQPC1LF-7VgiQ

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7B40 7 KB
6 KB 133ms
52ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2e895997eb598f5e47c4f0e4e692d13a5fab22bc2f14bc7d70984886656b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A151 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 582036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame EF3A 28 KB
28 KB 123ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 136985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 22:13:37 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 801A 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A12 143 B
166 B 42ms
40ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=83&adk=1704753671&adf=4039964389&pi=t.aa~a.2099106092~rp.4&w=1126&lmt=1666181799&nsk=c76d1a55&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x83&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=2&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600&nras=4&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n8lCS3QYxI&p=https%3A//rebenok.cn.ua&dtd=20
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 11:50:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B37B 1 KB
647 B 41ms
40ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 13091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:38:31 GMT
etag: 48472445140208031
expires: Thu, 20 Oct 2022 08:38:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A3C8 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd2a13f235b622a98d81621ad0cd93ec60d12abd6c0beb9fafacbe8464ae4147

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F29 143 B
166 B 41ms
40ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=998214637&adf=3494539017&pi=t.aa~a.69130693~rp.4&w=1126&lmt=1666181799&nsk=83503ade&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=0&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83%2C1126x80&nras=6&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=3469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=C986kInsZ4&p=https%3A//rebenok.cn.ua&dtd=26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 11:50:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8A28 1 KB
647 B 41ms
40ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 13091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:38:31 GMT
etag: 48472445140208031
expires: Thu, 20 Oct 2022 08:38:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7B40 0
26 B 159ms
76ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7B40 17 KB
6 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 12:16:42 GMT

GET
DATA 200
OK truncated
/ Frame C55C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e744955a19f8d26234b460476c0bf0837655507418ae21dbe50b6e7be873d96

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame A151 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 14:11:13 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame DBA4 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B37B
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAn3s0917OzTGU9npaweoTY&google_cver=1&google_push=AZmPxg8WQyV-0qT18NGvO7iPEztuoM1xSxD7qJc8Xnit-WaAiHkaM98Pnu...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8WQyV-0qT18NGvO7iPEztuoM1xSxD7qJc8Xnit-WaAiHkaM98Pnu8l8FYsEx58GuXC3EHZFSLApelA5h5pa3tszP0f-AMWQUjXVGLVS0s5UPosPEjTVBl...

170 B
188 B

53ms
53ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8WQyV-0qT18NGvO7iPEztuoM1xSxD7qJc8Xnit-WaAiHkaM98Pnu8l8FYsEx58GuXC3EHZFSLApelA5h5pa3tszP0f-AMWQUjXVGLVS0s5UPosPEjTVBlR3J12aBi_xCptiaUrBa8fgX-w4ZSxaqk&google_hm=8E6KnS65l91itV3Gp_Bplg

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8WQyV-0qT18NGvO7iPEztuoM1xSxD7qJc8Xnit-WaAiHkaM98Pnu8l8FYsEx58GuXC3EHZFSLApelA5h5pa3tszP0f-AMWQUjXVGLVS0s5UPosPEjTVBlR3J12aBi_xCptiaUrBa8fgX-w4ZSxaqk&google_hm=8E6KnS65l91itV3Gp_Bplg
pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame B37B 43 B
61 B 74ms
40ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEG0HnHNvVkuoFA8gPU-VGr4&google_push=AZmPxg_fLMhQzzJBHOQ-jVsVm-hk2QxS0PJKY-1y-lSq8SxbAAUasDE5sOvnwIft44MDNREJgRIQksHsD8yveDOFTNlpuacHLnbv8RgrB8lZdyIDAWH0rFVGeuwHR1UZTz-ii0fFuwJwa0EWD5Ol8_8D1vE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=83&adk=1704753671&adf=4039964389&pi=t.aa~a.2099106092~rp.4&w=1126&lmt=1666181799&nsk=c76d1a55&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x83&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=2&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600&nras=4&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n8lCS3QYxI&p=https%3A//rebenok.cn.ua&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame B37B 43 B
64 B 36ms
34ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGFELqXBWRu2Ue7ltIIMlk8&google_cver=1&google_push=AZmPxg8b_Lg2Fybj8aOgGAzbqT3E1SJofK9eaqf3zt3nIm8opN1Mc-DoiBoz5u1Fn4j7tozW6z-KwscNfad6oxriAbdWkwOIDO0B6eHqqX9kzpMalNX_sxhFupZjYdSf6O76UO_rYZB03L9_C27Z9Ry0pg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=83&adk=1704753671&adf=4039964389&pi=t.aa~a.2099106092~rp.4&w=1126&lmt=1666181799&nsk=c76d1a55&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x83&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=2&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600&nras=4&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n8lCS3QYxI&p=https%3A//rebenok.cn.ua&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ocg7b5rc4cmegblnhqlooh3m9ro2mn4s

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B37B 0
41 B 36ms
34ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDQBioFTzqgR6nrI9fB_E4U&google_cver=1&google_push=AZmPxg_4Q4LdaA_TcpmK-M0tBbw7sFKqI2N6tbK54ejFp89oTdM9CCAIk68m2AsE5V86zN4uKQ_mHANWpyHT0J8Gba4alp_Pfc0J9OTa1xn8VjA_HNHAbTT3c31RyATdqZDQYNhb6qG4pBb4-O56d7ohKQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=83&adk=1704753671&adf=4039964389&pi=t.aa~a.2099106092~rp.4&w=1126&lmt=1666181799&nsk=c76d1a55&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x83&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=2&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600&nras=4&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n8lCS3QYxI&p=https%3A//rebenok.cn.ua&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 19 Oct 2022 12:16:42 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B37B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB-Eghzi2AEclsiuPuHeMiE&google_cver=1&google_push=AZmPxg9pI6KlsMIyHqnuSP-5RVHYbi-Rys6XqnsYBkOLp1t8flduhv4ntcn9sSC55kpLd9wN-Ib...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JVUYtSS1FMjhK&google_push=AZmPxg9pI6KlsMIyHqnuSP-5RVHYbi-Rys6XqnsYBkOLp1t8flduhv4ntcn9sSC55kpLd9wN-IbL8IAI64GfzMbfaMYOIN-VM2ppwqS8L...

170 B
188 B

52ms
51ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JVUYtSS1FMjhK&google_push=AZmPxg9pI6KlsMIyHqnuSP-5RVHYbi-Rys6XqnsYBkOLp1t8flduhv4ntcn9sSC55kpLd9wN-IbL8IAI64GfzMbfaMYOIN-VM2ppwqS8LzrpPwc23ZWN3kvWEj3osclPwuUodv7BNszW8CXOFn-DX92D2KI

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JVUYtSS1FMjhK&google_push=AZmPxg9pI6KlsMIyHqnuSP-5RVHYbi-Rys6XqnsYBkOLp1t8flduhv4ntcn9sSC55kpLd9wN-IbL8IAI64GfzMbfaMYOIN-VM2ppwqS8LzrpPwc23ZWN3kvWEj3osclPwuUodv7BNszW8CXOFn-DX92D2KI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B37B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFYP1EoYbaOWlgQ7f5rXL4k&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFYP1EoYbaOWlgQ7f5rXL4k&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg9ng-tmdxnIjDxumd-co0tXuBHk2mVwM...

170 B
188 B

53ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFYP1EoYbaOWlgQ7f5rXL4k&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg9ng-tmdxnIjDxumd-co0tXuBHk2mVwMv2MCBdKujNdyacChiwM41I3j_bhK2QiArlOgHwMpgmu_c2eOfSgXUDYHu-BODB78ioVGiDiGd61mnX0pBvRvtVx_umj64zouJACFvZ5gwmavbb1e-7lhsw

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnrB4uUCFzfQly5QWU2m4U7DMbgCQWG3OrEdNYpbFnh8nbnSN7Yb0pZw4JyFQQkJszpNd8D1oL%2FPK4cUEmJu3oyH0d9j45wx1YGzb52yE8LljlxhMgi4Ocrsx3HbytFudlGWytfo2WM0ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFYP1EoYbaOWlgQ7f5rXL4k&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg9ng-tmdxnIjDxumd-co0tXuBHk2mVwMv2MCBdKujNdyacChiwM41I3j_bhK2QiArlOgHwMpgmu_c2eOfSgXUDYHu-BODB78ioVGiDiGd61mnX0pBvRvtVx_umj64zouJACFvZ5gwmavbb1e-7lhsw
cache-control: no-cache
cf-ray: 75c97249ae2cdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame B37B 43 B
296 B 298ms
43ms Image
image/gif 2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEpAf8tgBpmaHtpK-P4UMD4&google_cver=1&google_push=AZmPxg_FRN2diKDUYmAAhq4Vi4WzSvWsjme1BkawMJBd5sKzWFDUddU_PCLl95bHUyH-nhYkgewfMXi_mrp7qJAdUYdeo86B8HmF45CWo4FC2XwfMC4sx07cy-YFdFHXYKy2TXsPJ348W9ANtLjcC24WqA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=83&adk=1704753671&adf=4039964389&pi=t.aa~a.2099106092~rp.4&w=1126&lmt=1666181799&nsk=c76d1a55&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x83&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=2&bdt=1377&idt=-M&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600&nras=4&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n8lCS3QYxI&p=https%3A//rebenok.cn.ua&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B37B 0
12 B 51ms
49ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13La_D7wTzjeIIVm8Is9qEB1pCYEkfQY_sWBhDWLKZXMvStv_MMP3UxAaXDOtEysVaBe42lb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A12
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
54ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:42 GMT
expires: Wed, 19 Oct 2022 12:16:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AC9 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A28
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAAF8HxfsLWEEc7MTAHrFmE&google_cver=1&google_push=AZmPxg8jTrdQ2SIQYFaKUSPpxcPBwiHu7V9gqANXDxbvdEHefoj4TWvQC8...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8jTrdQ2SIQYFaKUSPpxcPBwiHu7V9gqANXDxbvdEHefoj4TWvQC83LNGvWpUb54PZJ9PYBZ4229vBq3YcDOF0h9QmDtLR1&google_hm=8E6KnS65l91i...

170 B
188 B

51ms
51ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8jTrdQ2SIQYFaKUSPpxcPBwiHu7V9gqANXDxbvdEHefoj4TWvQC83LNGvWpUb54PZJ9PYBZ4229vBq3YcDOF0h9QmDtLR1&google_hm=8E6KnS65l91itV3Gp_Bplg

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8jTrdQ2SIQYFaKUSPpxcPBwiHu7V9gqANXDxbvdEHefoj4TWvQC83LNGvWpUb54PZJ9PYBZ4229vBq3YcDOF0h9QmDtLR1&google_hm=8E6KnS65l91itV3Gp_Bplg
pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A28
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEK9wECbFDlRRhzQb8U7ESvY&google_cver=1&google_push=AZmPxg_6p0RR3VG_jng4D5MDE5GvpoVFRmKLLiR3rRt-8M5bVr8laOFDwO0pTOv5nTiQv8L_iTgiv-NVl0xZOayG_pz8rsrF9AxM
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_6p0RR3VG_jng4D5MDE5GvpoVFRmKLLiR3rRt-8M5bVr8laOFDwO0pTOv5nTiQv8L_iTgiv-NVl0xZOayG_pz8rsrF9AxM&google_hm=Q0FFU0VLOXdFQ2JGRGxSU...

170 B
188 B

54ms
53ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_6p0RR3VG_jng4D5MDE5GvpoVFRmKLLiR3rRt-8M5bVr8laOFDwO0pTOv5nTiQv8L_iTgiv-NVl0xZOayG_pz8rsrF9AxM&google_hm=Q0FFU0VLOXdFQ2JGRGxSUmh6UWI4VTdFU3ZZ

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 12:16:41 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_6p0RR3VG_jng4D5MDE5GvpoVFRmKLLiR3rRt-8M5bVr8laOFDwO0pTOv5nTiQv8L_iTgiv-NVl0xZOayG_pz8rsrF9AxM&google_hm=Q0FFU0VLOXdFQ2JGRGxSUmh6UWI4VTdFU3ZZ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A28
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8iC4ju...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8iC4ju...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTkxMjE2NDMwMDA3NDcyMzI1MDk1NA%3D%3D&google_push=AZmPxg8iC4juze7__fgTqutTZA8EXhZuM_clumW_NtuNH33E97lJEUj5aEairwvoKaK9xd...

170 B
188 B

55ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTkxMjE2NDMwMDA3NDcyMzI1MDk1NA%3D%3D&google_push=AZmPxg8iC4juze7__fgTqutTZA8EXhZuM_clumW_NtuNH33E97lJEUj5aEairwvoKaK9xd65kW-IPXL4H_Ol-hQEe1Ol0E8oxxa0

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTkxMjE2NDMwMDA3NDcyMzI1MDk1NA%3D%3D&google_push=AZmPxg8iC4juze7__fgTqutTZA8EXhZuM_clumW_NtuNH33E97lJEUj5aEairwvoKaK9xd65kW-IPXL4H_Ol-hQEe1Ol0E8oxxa0
pragma: no-cache
date: Wed, 19 Oct 2022 12:16:43 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Wed, 19 Oct 2022 12:16:43 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 8A28 43 B
64 B 37ms
35ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMUKYxU5sI9vCoqZRjaQVd4&google_cver=1&google_push=AZmPxg8LsRcQZHSKIyyJ7iIquNkDdH7Xo41kTEjtg9IrkRBvDTC12sBudII3FoA4bJzhW10bdYGRy5RDjlUTVNp13kKC4cNwCUw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=998214637&adf=3494539017&pi=t.aa~a.69130693~rp.4&w=1126&lmt=1666181799&nsk=83503ade&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=0&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83%2C1126x80&nras=6&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=3469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=C986kInsZ4&p=https%3A//rebenok.cn.ua&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ia0tutav2bbgtiu2m35hce68svdm0905

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8A28 0
41 B 35ms
33ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHCDa6Veo4CQzwLrRnLbw1g&google_cver=1&google_push=AZmPxg933oLKa9Unr-aUYpIMZBoMU7mrgRIiHMFirdu-MwLRRDlQb7QCu7EXoqfRhbK4HQVCFxT99LBUZaASaYE1IfjBXHMgwmI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3679149649306168&output=html&h=80&adk=998214637&adf=3494539017&pi=t.aa~a.69130693~rp.4&w=1126&lmt=1666181799&nsk=83503ade&rafmt=11&pwprc=6014074186&ad_type=text_image&format=1126x80&url=https%3A%2F%2Frebenok.cn.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666181800746&bpp=1&bdt=1377&idt=0&shv=r20221017&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce610df9248f2ff5-22b6951e4ace00a6%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg&gpic=UID%3D00000b7577243b58%3AT%3D1666181800%3ART%3D1666181800%3AS%3DALNI_MYUKaPkwkuXZFh1G55XussoE8flEA&prev_fmts=0x0%2C1200x280%2C282x600%2C1126x83%2C1126x80&nras=6&correlator=2552228943737&frm=20&pv=1&ga_vid=1065341134.1666181800&ga_sid=1666181800&ga_hid=1241293373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=91&ady=3469&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070415&oid=2&pvsid=2617035776689384&tmod=1749024509&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=C986kInsZ4&p=https%3A//rebenok.cn.ua&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 19 Oct 2022 12:16:42 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A28
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM1B1jU0mbbUcim4qekTMsw&google_cver=1&google_push=AZmPxg-Lgxe5eUHIlk4Lyc119Y7sNp5z2grc_mTV8zta-Uk_nHsaOgF2Qm0ylulFV0UscvAUkC5...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JWFEtMVMtRjVUUQ==&google_push=AZmPxg-Lgxe5eUHIlk4Lyc119Y7sNp5z2grc_mTV8zta-Uk_nHsaOgF2Qm0ylulFV0UscvAUkC5kbrzQ2JHF6AX5OzMkYt2OB8VQ

170 B
188 B

51ms
51ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JWFEtMVMtRjVUUQ==&google_push=AZmPxg-Lgxe5eUHIlk4Lyc119Y7sNp5z2grc_mTV8zta-Uk_nHsaOgF2Qm0ylulFV0UscvAUkC5kbrzQ2JHF6AX5OzMkYt2OB8VQ

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGTE1JWFEtMVMtRjVUUQ==&google_push=AZmPxg-Lgxe5eUHIlk4Lyc119Y7sNp5z2grc_mTV8zta-Uk_nHsaOgF2Qm0ylulFV0UscvAUkC5kbrzQ2JHF6AX5OzMkYt2OB8VQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A28
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEECwn7P-BlzAiyakLqpZJPU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEECwn7P-BlzAiyakLqpZJPU&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg-_UyHmKHpemeyb_npsZ5mpy0qPQsYRE...

170 B
188 B

51ms
51ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEECwn7P-BlzAiyakLqpZJPU&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg-_UyHmKHpemeyb_npsZ5mpy0qPQsYRE2K2MmrPiYGW-kLB8ZrZkiSH8zdR8hCjHU5R-CyZTqITMyKI2kwd22-g-uSI5Iiw

Requested by

Host: rebenok.cn.ua
URL: https://rebenok.cn.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZ3pwbOvVvAV0%2BiBeR%2B%2FpP1SJBNiRkB629g5Bl0XjN7Fc3EMG%2BlhVGSPlkWDIreEaOH0tzyH6FajE4Gg3%2FKRmH%2B8u25zfKq13CS%2Fyz0PrWrQAWsX4DxlFk3fZplIXoqNDmevw55zZ%2Be71Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEECwn7P-BlzAiyakLqpZJPU&google_hm=Y0_qqV-fWn8Ni9__9XqxmwAABF0AAAAB&google_nid=index&google_push=AZmPxg-_UyHmKHpemeyb_npsZ5mpy0qPQsYRE2K2MmrPiYGW-kLB8ZrZkiSH8zdR8hCjHU5R-CyZTqITMyKI2kwd22-g-uSI5Iiw
cache-control: no-cache
cf-ray: 75c97249ae29dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8A28 0
12 B 51ms
50ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IRE0i6YkIjeaVdduaqXppVpJ3VEwElqianO-_kcqHbx7fC5HKCuhervPRN3bazRfF1Iddk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F29
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
50ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:42 GMT
expires: Wed, 19 Oct 2022 12:16:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 894C 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8CCA 0
54 B 456ms
155ms Ping
image/gif 2607:f8b0:400e:c0a::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9flmhy0&c=6210845667863&slotId=3105422833931.5&qqid=CJmN3fKi7PoCFZPs7QodVjEEPQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=13&vhc=0&msm=1&aits=18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400e:c0a::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E63 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 59ms
59ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221017&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9dd6288d6561f20fb482148a6781e4d0f625b32003c2f89bce6cfd919c8b93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11189
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 12:16:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A151 0
22 B 78ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFwQEqupPY6tim6KBB4L9hpAOAAAAADgB4AQC&bg=!2Nul25_NAAYeOJy_Pjg7ACkAdvg8Wp-0nUrhY0LkEFXIa_P04-yRPuP2GhDyn1vBms-r7PSmh7bLnQIAAAEoUgAAAAFoAQcKAEPT55Pgrj_i4EFwSRySOpeB53kBmXkqukWnqspQrt6WNr86a6I1y3FfSTHAsC2I3Rfy_II8Xeocnok0aJ6O3ScKytZSmQMFkR5vgRoTPXbGkhDA2gIFvwjEccsqrfog40z5UgLjwHfW7k5l5X4VZtbT86luyqqEdFahjrZtGSD5vKlyHDDkSPrDrMW-FLqHSCHzO6_V5qb_dSWUuENTW1rwgX5mHfnZoNT-meF3LUai4j7fnVocMyzvme2UHDeB-V77mgb2T-X8nxLyWwTUbXMp6NyMMtUcoFCy3lP5uCXz1PQmqbaDov608ciaA_f0k-MRsSoS7IoMooIx9aIMNkrI2gnxibIwDXJkUeGQ7TMKy1mGh71LKf9dJvDdhT6trP773JTM4aJkPAfGRD-ypqS0GNVbm-T_MiFWdpRaFDynCc4bYVE4gmqDyrBXDfPC2Lr9IwRwQVkgx7g3zmj6XaBJBm8vFTgQ-PkfM7duum-0CEsb063Xqu2WqgbO0OnPY5czVQ1s1FRIQ6gsKGkDhm8rLn5BejeWz5uq9LHwcVbscm0Eu-s0kISB0unyQLXoJkoV1WJUC03Ll911fYGSa7QWPxVdx2aQMi_Z6vIXx0G4vDf3q3VgreobHVCOuKyQKKZEv9X-spmgtBlLtyJt0Ayx_lW5TTnvh0zQF6zM7O0RlVYpfNWo3chkRMfVclakBCZi3r7vR6csyFMrrG8NjRhKBCYhk8riDlerjbZLgE8Wf1G8V678v4Kgocdbb087aeCUzF75RlVlvc4zK7Y3oo7PKK67cTFHAEdUYDmdqOsCz671R2o08HfQVU_zqwLevP_g5JSBUKcLi4gW5O7soqW9QNHX32n_ftjJgbRVS6JhXfDoVu-dbMQzZcA1_mz8tiQIv7ToLO7kKzaRnebsbtG9Hogs9XuIbQcUu5y2TMi3KKGdrjwhaL5cISTViIjPQzv9TtQ4-NAIfBoqQfGiORN4bjmCQ_JfOjmQDW_GCdZul5LJIEAvy8RwAwesaPhN6kGVkah5PZV-k5Y2k6sNSCZwGumzwD-UqJXvv7FLZ5Qiq7WuxqWMvk8yQB6HjfQT3evV3oKLhVi4RvslZ4HaCGNoHp7PBV2e8DX7kp0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 518F 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rebenok.cn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:04:40 GMT
expires: Thu, 19 Oct 2023 12:04:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EAAD 783 B
534 B 53ms
52ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef85edba8c7ab52580ab8c47e337f86f8e7833cdfd9c0770acde1c39f033d1bb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3ORqmKvauFDOShtpZNJQvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rebenok.cn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-3ORqmKvauFDOShtpZNJQvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 12:16:42 GMT
expires: Wed, 19 Oct 2022 12:16:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 518F 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EAAD 0
0 74ms
74ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221017&jk=2617035776689384&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 518F 0
12 B 40ms
40ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nkf8OA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:16:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EF3A 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgOk-3pmLZ2bxu0CUrmkhRAIdkavq6WuYt-65TjmERmteT6s6TTmMI-yO6RIYf2jGqHchNzp-_6ZDiFlVGsnw264tSHMpZsrz8V4Fo7rGOmuGoRpTtLI-FW_GaSt3nLgSYjieP84hrZ3UBGYLM4dhUTWqBYRhmN3MCHMRD2IYCEpPXFsJLIwVWnYBhjt9s3DyN_ZOWVCZfubXIYdxzGD29h4lZUzeXMz5B_H7GivF4-iVKLfDV6NvqxgMbr_12F1VeKduIWcp7Y4ArDcyYavD3cclZOw6HyGHWcdxdyjP12QTaCLfEAAybbd6wlOGpchkucp7oILbYWM7m7Gyh-6SfainedMxfWdBZJneDbW2-Z6cxvy05qgXVBX8YhYiVEBH-IYQzJ6wGsM47IlByqMsX9z8FzXhuFDKUq8L4BwBSfwjmfqIu858vkUmtuEDocry85pz65FWtSnwIWaLS6J5TEJe51cxtOIvdhu-WNvf6-KfTIiFg4qm3jKlkuJuz3wCP1FAnj7s2jmxipVr-D0t1thqCl8C7loj-6we3_mjQYhNAL7rdsVjdsBvMXI1rYq-CdjDhe8CgP77Gs9jCqeS_9RI6Qb8V0KipYUumZtdu9XxEqUsQX_EiDt3inn1ETyuDneFHIBsFgC1kZRQH7BMIQHAYTK8Y7oxm74H9Ge0BzIVSRkceji4VOYh-1RD0HJWSjbXiDTeDzDYlWP86z0xh-lYwLMWJK6Fs54IHmiUFExeaj2dkkFS5SvgCUrL7wg_T3TzRV0ZmbSRfwDriyMAJVyjxLXWi1PITQEv4hELZwZr1Fgby98ckqCygQ13fM7v9bC6Gxq0qqVfttmTi_0Eho_JEkawAlxr6JdliPBoG-XmdmyLyGj6ipYjlgLjCf6FHwzGrrJ8BSxWDJaMDSFSoAQbLSVQ17juZpXYN1r_uQ60f3X86_DhKbXYS61Fqks3UlhfWcKga0CoEAt3xGGBCs78pocJcqYoNYCR24pdZb4a7XTJL2S27U3sIbs0ELzrq-ky-bNXKDgKBmLWNnt-TVZIpCHqvk-RXP83SgTDW6fTyVUMEEljJiaxfdts&sai=AMfl-YQcHO9QspmqSKxzDi04xTOXl2obz4PJT-Bdfa7CQL4h6LjL4vg61QTKlrWMc-mmPrhE59IhhgbJZ7mKaS0pdIY1pyfoc_T4_TId&sig=Cg0ArKJSzAqp9PS5FeMrEAE&cid=CAQSGwDq26N9LJax61WIOOtYuO6DYKu-nP4ulaxckRgBIA4&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4144480424&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666181800214&rpt=1982&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 12:16:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221017&jk=2617035776689384&bg=!Hh2lHVnNAAYeOJy_Pjg7ACkAdvg8WpM59o0kNZRgwKW-tkfkb1o2BqcIKOFAw4ITMyEcnggycZ9FJAIAAABHUgAAAAJoAQcKACUiiMCSnWryfANadtnvDlazM45H-BOQJVIuhEAH7DJ4dOMs3iMymQKYOW-dR-PyI0A07d0ezi-Xhg8rWWC3_IRiuzNK7dVKSiYxcTJNMc4Z3I7M3dYSbSXK8IkNd_iIW4ywyDiNeBGvJDrXtpbn8IIZ21o0zStrXmCT_pvDOO47kobKt9c7Ffw9WolhEQUVEIrfmtxoXTq0uM919QR7Vs8BrDR7u8smHFdz9Z3YjLtNAvQLSIYgkUPiG5PNCvUxYFnC-Bj0KcD68vF7FCbSSFgwRg4fac7LDzuwGmav-EHCL5RcqMbS7kiLm-9gQ3C9ECWoVwqabjk2xcMLZXAyR46ZVBa8Jzi-a7_yEkcQihTm5RXnJENsqYbnbUkWHpajWAevd5Q8U7-j_9RarFzCED3pVgM0JJ5dZRH1JgVCVWZZH76Fl1aVUObB2EtRdrWFaxQq3tQi0XFp4fdgCjPkNsjg-WIRX04JXEtL9QFMQDX6eGv_IZX8N8aqF8O1U2kAwTerEDM-Vmogg1ew90_LhbSzHJipHKh1dMSWh-OevG5IsTBxExwpJ_0mm2cpiUY73fPntlzSvB-g2qzlBvoMF7DjBFbByRK4wAd92Z6xr8Jrq1JGZ_3-f1meo7MMASsR_ZLlnDZhpTyFhgIRlj8J6ZA7wBoad1B6J2nBfBlDiDzm_qFGTjTT9cpYj9IE6abU5_ejoiwWWWNZBoujj5EUmL4fmXW8g5eV_-GVD8YXI5u3hT8dBLXNtQzpUxGf1jtit1qGvGRYarYLHgSqAY9SAJssPdvNiRBBFvZ8oOD-tiRbZnIRl8EsLTayvg_PVY9zt2Z0Z1sBmZs6I7xEMiE9nx5wAgByFtchXm0VtnvYAHg-VZe_d9FDP3rF4FwgMgShpHv3k_JgsYtm-9K9q4iYnpFEQ4HFp1SO8NnisJNfCCEnhw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rebenok.cn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST event.png
tpsc-eu3.doubleverify.com/ Frame 83EB 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpsc-eu3.doubleverify.com
URL: https://tpsc-eu3.doubleverify.com/event.png?impid=80333c82bf4d4df5a78f279417f0f404&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=152&eoid=11&msrjs=3094&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=8&msltms=118&vltms=152&sei=289&vetms=139&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=37&isumms=37&nvr=2&isgmmims=37&isgmv4mims=37&elmtp=1&isbxdms=2338&b0=2499&adhgt=600&adwdth=160&norwdth=160&norhgt=600&dvp_vsosnmr=1&lftb=2499&sftb=2499&msrdp=1&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=160&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=36&dvp_dpr=1&ttfurm=3320&cbust=1666181805337945

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rebenok.cn.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0itgaef6js4ace5ch1c8mdp34u
.rebenok.cn.ua/	1970-01-20 16:25:41	Name: __utma Value: 205853712.1065341134.1666181800.1666181800.1666181800.1
.rebenok.cn.ua/	1969-12-31 23:59:59	Name: __utmc Value: 205853712
.rebenok.cn.ua/	1970-01-20 11:12:29	Name: __utmz Value: 205853712.1666181800.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.rebenok.cn.ua/	1970-01-20 06:49:42	Name: __utmt Value: 1
.rebenok.cn.ua/	1970-01-20 06:49:43	Name: __utmb Value: 205853712.1.10.1666181800
.rebenok.cn.ua/	1970-01-20 16:11:17	Name: __gads Value: ID=ce610df9248f2ff5-22b6951e4ace00a6:T=1666181800:RT=1666181800:S=ALNI_MZAA8kgdXO52p5ETeYbP9-e9RdEZg
.rebenok.cn.ua/	1970-01-20 16:11:17	Name: __gpi Value: UID=00000b7577243b58:T=1666181800:RT=1666181800:S=ALNI_MYUKaPkwkuXZFh1G55XussoE8flEA
.doubleclick.net/	1970-01-20 16:11:17	Name: IDE Value: AHWqTUnNdji4Wh1GMcIDOAX1ozXbp5LeiRu0mFG_DFfoCG2S_pywv4LlyyEqO8ljVP0
.adnxs.com/	1970-01-20 08:59:17	Name: uuid2 Value: 618149429903770477
.casalemedia.com/	1970-01-20 08:59:17	Name: CMPS Value: 1117
.casalemedia.com/	1970-01-20 08:59:17	Name: CMPRO Value: 1117
.adnxs.com/	1970-01-20 08:59:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>9jh16e!]tbPl1M>e)ZlrFUfJ+tGXxp6XwIFRADE#RScpH>AMHf9YYU^5X^WcRvj-3-3If)y3KL9D3I?+Aw^?xH
.rlcdn.com/	1970-01-20 15:35:17	Name: rlas3 Value: j/7+R3yCFGMu37wt9WtZSuAbSoB7Rd3o3d2rnqiToeQ=
.quantserve.com/	1970-01-20 08:59:17	Name: d Value: EBABCQGvJ4EA
.quantserve.com/	1970-01-20 16:19:56	Name: mc Value: 634feaa9-8c3e3-ead4c-f29f1
.doubleclick.net/	1970-01-20 06:49:45	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 15:35:17	Name: CMID Value: Y0-qqV.fWn8Ni9--9XqxmwAA
.agkn.com/	1970-01-20 15:35:17	Name: ab Value: 0001%3AsJp3ZAxydAvdYIB37x9evZNTN2vE%2BK8z
.rlcdn.com/	1970-01-20 08:16:05	Name: pxrc Value: CKnVv5oGEgUI6AcQABIGCOndKhAA
.agkn.com/	1970-01-20 15:35:17	Name: u Value: C\|0CEAq4qcpKuKnKgAAAAACAQ13AQGAAQpAAAAAAA
.casalemedia.com/	1970-01-20 08:59:17	Name: CMTS Value: 5159
.innovid.com/	1970-01-20 08:59:17	Name: uuid Value: 60c862bc-2d26-4d07-82be-9fc7b6a2ff7d-20221019 08:16:42
.e.dlx.addthis.com/	1970-01-20 16:19:56	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:19:56	Name: na_id Value: 2022101912164300074723250954
.addthis.com/	1970-01-20 16:19:56	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:19:56	Name: uid Value: 634feaabc542dbb1
.addthis.com/	1970-01-20 16:19:56	Name: ouid Value: 634feaab000169d362bcb281e3904b722ec71ff486aac53e5363
.dlx.addthis.com/	1970-01-20 07:32:53	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:32:53	Name: na_sr Value: 20221019
.dlx.addthis.com/	1970-01-20 06:49:41	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:32:53	Name: na_sc_e Value: 0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rebenok.cn.ua/SPMod/jquery/ui/i18n/datepicker.ukrainian-utf8.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://rebenok.cn.ua/(Line 917) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://rebenok.cn.ua/(Line 917) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://mts0.google.com/vt/data=nw5MuEGD2PrYAVNO0BesBIVHSJ_9We_m3KTuvwn7g3pbl9zinOH503-pbChty0U-yHLV3RFLsDvAaIyWU_yosAmIVo83sTkNjCxI1IM3G36mQ3n108t9M_cce2xXkck Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 111) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.co.uk
adservice.google.com
ag.innovid.com
bid.g.doubleclick.net
cdn.doubleverify.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
mts0.google.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r2---sn-aigl6ney.c.2mdn.net
rebenok.cn.ua
rtb.openx.net
rtb0.doubleverify.com
s0.2mdn.net
ssl.google-analytics.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
unified.adsafeprotected.com
www.google.com
www.googletagservices.com
www.gstatic.com
tpsc-eu3.doubleverify.com
104.18.18.126
104.76.200.221
142.250.181.226
142.250.184.226
161.97.175.26
172.217.18.102
185.80.39.216
185.89.210.101
198.47.127.19
2606:4700::6810:5614
2607:f8b0:400e:c0a::78
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:4009:11::7
2a02:26f0:3500:58b::4469
2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95
3.121.8.30
3.248.56.90
34.149.12.213
34.98.67.61
35.227.252.103
35.244.174.68
66.102.1.156
69.173.144.138
0088894a752ca483014f4a03719582b00d71784ce266c238394cac6aa129c559
0a73a6383375c850afc72c94d04c8b8dafe65f456407e424515656870d2660dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd908397b2652c7c11fe8919669cb75003e6477d1ccc76933ff099811b0b64f
0c580c1a28b84e38decb465c5cd7824b7cefb378d21ee9678aa97872bfb57823
10a72dcba4fdb4ca6d1adc956ecdd5276f786d32fa60c0ed10f4d341866e6b40
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
142c8c366c2228c3b1ae753bd7f9f48072c998d887386b44bf924e5f39ac4522
17268f5e6405d38e700f98a793b485b5f1f0491e354ee47039a948699f588c81
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1b59c2703167f01b6d7b987074df9d33f8354207cad4739af173c5887d1ca76a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
2b2e895997eb598f5e47c4f0e4e692d13a5fab22bc2f14bc7d70984886656b6b
2bab092657aceb2b6a17675569174d5bcc87c43fca0d0efb23b4203af6c3945b
2d8d81f32e02535a5eda110d85dcafdbebfa1d3544288d9b495a4a4c586a4d25
339f9de97d7dfa22cd934d7a2c1c58c401a31949c2fa895abf54f6a941859892
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3a328ad484228ab0cb2f09effe91fa90fb4918a8113b06c9507cba244211e7a0
3a380dc7d3470052b2fec0f324a6e24d14fb457809f707496dab0eb693480d7a
488c4c5bf195ad39a6cb9f8d430ebd742ef5a6e5f1a78351d77ce5ab575e3a8d
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b2f1d3301f41dea191a858b3e56d652cc68f36d20cdbe25fbbbf794d354a912
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5e849f11b1f3d348b4f504b570ab268f89e735079d46330a80f4df498b96be
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
526559b44c14ea86c767c68f2a043b5083a76dfadeab9e3cbde40e16388e3c60
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
58bd61c49adee9910a714d97d736fc92bbf3288e09a291314a3bade81902b980
5aaa6e5db037a6b2b9e6e59e3d88fc05553f681615d6ebe959560d97abc54c8c
5d162f1a957634c9f376091ae016a94b3bb7e9b11830eafef203201156289f39
5e46a7daf45145bd03f13fe4a1bda5276b68a3993f58a62eafff42b716c950da
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632f482436667240c92653fabf2dc850d7e2febeba8334301144585acd699ff0
6590dc0cf0a80c482672468c636d18ae9a511aa9a4e073505466a7acc9ee2497
65a6d6f55a819181a6c95b40f216cf68445491ef16768c4fb7b10a1cc35b1101
66ec09bbe1c7cb1644f9532c2b32dcd0ec2a8675bfa958f7aefc40500689bb4f
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6d63786c7f25d1b3275a6745d2fae241f66b8eb0b2d638b55e8abc0c9b62813f
6da7d5a78a8fc1e979cde4f15eaf22e8c2350652a809201643e05aa709bc56b7
6e744955a19f8d26234b460476c0bf0837655507418ae21dbe50b6e7be873d96
6fe91e5030d56d2c3eb23a58dec4ec8b52db809e3ca9ee40bebfc83aae730551
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e3ebe44bbd5ec1dfc6ea22929c10e06900262df42a65737c7d3fb884321b70
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
889c56bf96166be6d1ae299043a888c9b2dd883954a18bff255a5b63e3650d8b
8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8b99a3d30429a1a9c5f14933ab6fe42c32d9510dae0312113334a5d21ccb50b1
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8ea52ec4feb51c8e0d96f679d0cb6039b81db8d841456f06db7d79d4f98174d8
913cbadf1e8f1cc7876ebe6b7071d40654e7b68769c4610a3450e2d9d0606742
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ae30d4e04805036f9b2da3dc9ebba91a6d053be14812a65b28d2f64f23ef59
a6e561422e0b6bb9f0a0c781534d979d4321a9236f4de00646789806f2adba95
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ae993c7be2516456e989926937888479b5b0d66020bdfe9cfb8afadc988bb4a5
b122f36e9c83c60fb0e81b89e37352266fd66635b2a02fbf42ca1c51e396d9ce
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd
b84416186149b3ef9558abea087b7008eaec498238f45e3b2d14cad16356a5b6
b9dd6288d6561f20fb482148a6781e4d0f625b32003c2f89bce6cfd919c8b93b
ba7ec3677504de2e8315255c02a8770bbe5739ef02206b487556ff168a2f75ee
bd2a13f235b622a98d81621ad0cd93ec60d12abd6c0beb9fafacbe8464ae4147
bdb1cfd83bdb11c370d42ccc26aaadf0a95e202e314e8b24bcd2fa15adef7725
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
c17110ecb4dd8937867055f2c8c118e226f789ff94ae3e00f6458c64592aa971
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c99cd3d9ba61c90aa7c2b58a7de4c1a514fb848854f165669051ecae99dde18b
caa14372dafc50e3de942d479a38eaf1006c64a02726d3a3add9ebbf6164f8b9
d7c1a29836ca2dd978e2f50a01de4c754f7e1a89d91a6148378e42d6e47d5a5d
db3b814330e7ea0ae12492547f73ab17f9e56a0c67bca65cb5bca150575052bc
de9cf8ad68766d8ed0b3012454d996591cd9b3b05049b6d501343825839500e5
dedf2eaeb77337bf98e608a642a438bfa88a3e46abcccda8e2d6f4a36f36e9e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302
eb8d3c39eab11bf361aa85ec71600be574ab97690e3d5cbffa35a9ddbfecfe07
ebbacea7cea4a0a8d29fd5bf50c630479f854c40dc67b38bd0b04d9e845c2b2d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef85edba8c7ab52580ab8c47e337f86f8e7833cdfd9c0770acde1c39f033d1bb
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fccb5ef295539d1c7d5ad4dd4a716d55d44d54221a06bdf44a93935004a00822

rebenok.cn.ua Open in urlscan Pro 161.97.175.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

193 Requests

89 %HTTPS

55 %IPv6

25 Domains

41 Subdomains

34 IPs

6 Countries

4000 kBTransfer

7057 kBSize

32 Cookies

7 Outgoing links

Page URL History

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rebenok.cn.ua Open in urlscan Pro
161.97.175.26 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

89 %
HTTPS

55 %
IPv6

25
Domains

41
Subdomains

34
IPs

6
Countries

4000 kB
Transfer

7057 kB
Size

32
Cookies

193 HTTP transactions
7 data transactions