vskidku.com.ua Open in urlscan Pro
85.143.213.169 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://vskidku.com.ua/
Submission: On April 27 via api (April 27th 2022, 9:29:49 am UTC) from GB — Scanned from GB

Summary HTTP 136 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 7 countries across 37 domains to perform 136 HTTP transactions. The main IP is 85.143.213.169, located in Russian Federation and belongs to TRADERSOFT, RU. The main domain is vskidku.com.ua.

This is the only time vskidku.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	85.143.213.169 85.143.213.169	201848 (TRADERSOFT) (TRADERSOFT)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:303... 2606:4700:3031::6815:22c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	85.192.12.170 85.192.12.170	12695 (DINET-AS) (DINET-AS)
1	99.83.154.118 99.83.154.118	16509 (AMAZON-02) (AMAZON-02)
2	95.163.114.204 95.163.114.204	12695 (DINET-AS) (DINET-AS)
1	2606:4700:10:... 2606:4700:10::6816:3668	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	85.192.12.174 85.192.12.174	12695 (DINET-AS) (DINET-AS)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	34.117.59.81 34.117.59.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	88.99.125.123 88.99.125.123	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 6	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4 16	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
2	193.106.95.134 193.106.95.134	48614 (ITSOFT-AS) (ITSOFT-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 2	149.5.244.108 149.5.244.108	174 (COGENT-174) (COGENT-174)
1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
4	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
1	52.174.47.89 52.174.47.89	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	52.5.198.190 52.5.198.190	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
136	39

11 85.143.213.169 (Russian Federation)

ASN201848 (TRADERSOFT, RU)
PTR: 57347.simplecloud.ru

vskidku.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3031::6815:22c2 (United States)

ASN13335 (CLOUDFLARENET, US)

newrrb.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.170 (Russian Federation)

ASN12695 (DINET-AS, RU)

yso70kwbuo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.154.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: a51062ecadbb5a26e.awsglobalaccelerator.com

earzow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.114.204 (Moscow, Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3668 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)

pdayyocpnvh.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmpprof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dprof.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.125.123 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de.sxgeo.city

api.sypexgeo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.sendpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.3 (Philadelphia, United States) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.106.95.134 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.5.244.108 (Valbonne, France) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island) 1 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.174.47.89 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.198.190 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-198-190.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ipds.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 96 tpc.googlesyndication.com — Cisco Umbrella Rank: 127	516 KB
20	yandex.ru 4 redirects mc.yandex.ru — Cisco Umbrella Rank: 3434 an.yandex.ru — Cisco Umbrella Rank: 2832	138 KB
13	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 80 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	102 KB
11	vskidku.com.ua vskidku.com.ua	848 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	205 KB
8	newrrb.bid newrrb.bid — Cisco Umbrella Rank: 276154	27 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	4 KB
4	yastatic.net yastatic.net — Cisco Umbrella Rank: 6469	135 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 64 www.google.com — Cisco Umbrella Rank: 2	985 B
4	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 27500	31 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 212	30 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	109 KB
3	gravitec.media 1 redirects cdn.gravitec.media — Cisco Umbrella Rank: 48959 api.gravitec.media — Cisco Umbrella Rank: 40494	3 KB
2	adrta.com 1 redirects adrta.com — Cisco Umbrella Rank: 1666 ipds.adrta.com — Cisco Umbrella Rank: 4887	958 B
2	criteo.com cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10847 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15229	348 B
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 19601	738 B
2	dmpprof.com dmpprof.com — Cisco Umbrella Rank: 21987	1020 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5401	914 B
2	prodmp.ru prodmp.ru — Cisco Umbrella Rank: 49226	357 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 58	41 KB
2	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 118255	12 KB
1	criteo.net pix.eu.criteo.net — Cisco Umbrella Rank: 8497	18 KB
1	dprof.site dprof.site — Cisco Umbrella Rank: 247988	541 B
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 149462	351 B
1	admixer.net 1 redirects inv-nets.admixer.net — Cisco Umbrella Rank: 2408	497 B
1	uuidksinc.net s.uuidksinc.net — Cisco Umbrella Rank: 3122	242 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 773	648 B
1	sendpulse.com cdn.sendpulse.com — Cisco Umbrella Rank: 20630	9 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	82 KB
1	sypexgeo.net api.sypexgeo.net — Cisco Umbrella Rank: 579074	983 B
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 6961	663 B
1	pdayyocpnvh.ru pdayyocpnvh.ru — Cisco Umbrella Rank: 145135	48 KB
1	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 4810	3 KB
1	earzow.com earzow.com
1	yso70kwbuo.com yso70kwbuo.com	42 KB
0	acint.net Failed www.acint.net — Cisco Umbrella Rank: 36864 Failed
136	37

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com vskidku.com.ua
16	mc.yandex.ru	4 redirects vskidku.com.ua mc.yandex.ru cdn.jsdelivr.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	vskidku.com.ua	vskidku.com.ua
8	pagead2.googlesyndication.com	www.googletagmanager.com newrrb.bid pagead2.googlesyndication.com vskidku.com.ua www.googletagservices.com
8	newrrb.bid	vskidku.com.ua newrrb.bid
7	fonts.gstatic.com	vskidku.com.ua fonts.googleapis.com
4	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	yastatic.net	an.yandex.ru
4	an.yandex.ru	vskidku.com.ua an.yandex.ru
4	cdn.gravitec.net	www.googletagmanager.com cdn.gravitec.net
4	cdnjs.cloudflare.com	vskidku.com.ua
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google.com	2 redirects
2	cdn.gravitec.media	1 redirects vskidku.com.ua
2	mc.webvisor.org	1 redirects vskidku.com.ua
2	dmpprof.com	pdayyocpnvh.ru
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	prodmp.ru	pdayyocpnvh.ru
2	www.google-analytics.com	vskidku.com.ua
2	www.googletagmanager.com	1 redirects vskidku.com.ua
2	w.uptolike.com	vskidku.com.ua w.uptolike.com
1	pix.eu.criteo.net	googleads.g.doubleclick.net
1	ipds.adrta.com	googleads.g.doubleclick.net
1	adrta.com	1 redirects
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	cat.fr.eu.criteo.com	googleads.g.doubleclick.net
1	api.gravitec.media	cdn.gravitec.media
1	dprof.site	pdayyocpnvh.ru
1	m.trafmag.com	vskidku.com.ua
1	inv-nets.admixer.net	1 redirects
1	s.uuidksinc.net	vskidku.com.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.sendpulse.com	vskidku.com.ua
1	cdn.jsdelivr.net	vskidku.com.ua
1	api.sypexgeo.net	vskidku.com.ua
1	ipinfo.io	vskidku.com.ua
1	pdayyocpnvh.ru	yso70kwbuo.com
1	rum-static.pingdom.net	vskidku.com.ua
1	earzow.com	vskidku.com.ua
1	yso70kwbuo.com	vskidku.com.ua
0	www.acint.net Failed	vskidku.com.ua
136	45

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
mwcjzvmrtv.ru R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
uptolike.com R3	`2022-02-23` - `2022-05-24`	3 months	crt.sh
pwrlkyotm.com R3	`2022-03-20` - `2022-06-18`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
prodmp.ru R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
dmpprof.com R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
uuidksinc.net R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
api.gravitec.media R3	`2022-04-16` - `2022-07-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://vskidku.com.ua/
Frame ID: 03CB5F0C928C6377806B294EF2DBEEB8
Requests: 84 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20190131/zrt_lookup.html
Frame ID: 6A96CC2B0CDF5352B2C6E0FDE00E62FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&adk=1812271804&adf=3025194257&lmt=1651051783&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=183x900_l%7C183x900_r&format=0x0&url=http%3A%2F%2Fvskidku.com.ua%2F&ea=0&pra=5&wgl=1&dt=1651051783311&bpp=2&bdt=973&idt=273&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=198141109701&frm=20&pv=2&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=294
Frame ID: DAF13A597F3665FB3CEED4A0C91CE846
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=250&slotname=4734600862&adk=3649808460&adf=1024980739&pi=t.ma~as.4734600862&w=300&lmt=1651051783&psa=0&format=300x250&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783530&bpp=3&bdt=1192&idt=81&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=205&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=1eWgjB7LY3&p=http%3A//vskidku.com.ua&dtd=85
Frame ID: E56B6985031704C03E6C6232EC61171C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=286&slotname=2835195835&adk=204702715&adf=4066743136&pi=t.ma~as.2835195835&w=300&lmt=1651051783&rafmt=11&psa=0&format=300x286&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783545&bpp=1&bdt=1207&idt=73&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1095&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7g32Plrpyy&p=http%3A//vskidku.com.ua&dtd=75
Frame ID: D847A41EC100B882D0A7948794D6E3EA
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/index.html
Frame ID: D038937FA863345346631F20D9383A7A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CA65EBE2298DB8B627CB305760541994
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0F00B7136A9E7F155ECF83CB3343A821
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 85F699D8A458FB169206C8C5BD3DBBA3
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 985060FF8724C8EB41A2152A1D663149
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
Frame ID: 84840D151990394273916398F55224B1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Акции и скидки каталоги товаров в супермаркетах Украины

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

136
Requests

73 %
HTTPS

55 %
IPv6

37
Domains

45
Subdomains

39
IPs

7
Countries

2427 kB
Transfer

5174 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://www.googletagmanager.com/gtm.js?id=GTM-WMH23R HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-WMH23R

Request Chain 23

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 25

http://cdn.sendpulse.com/28edd3380a1c17cf65b137fe96516659/js/push/9e90c6651e133c6cdeedb4420380ef74_0.js HTTP 307
https://cdn.sendpulse.com/28edd3380a1c17cf65b137fe96516659/js/push/9e90c6651e133c6cdeedb4420380ef74_0.js

Request Chain 28

http://www.acint.net/aci.js HTTP 302
https://www.acint.net/aci.js

Request Chain 34

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 39

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A2%3Adp%3A0%3Als%3A163271189311%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092943%3Aet%3A1651051783%3Ac%3A1%3Arn%3A139445137%3Arqn%3A1%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651051782121%3Ads%3A58%2C62%2C88%2C2%2C%2C0%2C%2C587%2C10%2C%2C%2C%2C798%3Awv%3A2%3Aco%3A0%3Ast%3A1651051783&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A2%3Adp%3A0%3Als%3A163271189311%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092943%3Aet%3A1651051783%3Ac%3A1%3Arn%3A139445137%3Arqn%3A1%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651051782121%3Ads%3A58%2C62%2C88%2C2%2C%2C0%2C%2C587%2C10%2C%2C%2C%2C798%3Awv%3A2%3Aco%3A0%3Ast%3A1651051783&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 40

https://mc.yandex.ru/watch/36729285?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1513032148092%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092943%3Aet%3A1651051783%3Ac%3A1%3Arn%3A358725153%3Arqn%3A1%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651051782121%3Ads%3A58%2C62%2C88%2C2%2C%2C0%2C%2C587%2C10%2C%2C%2C%2C798%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651051783%3At%3A%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/36729285/1?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1513032148092%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092943%3Aet%3A1651051783%3Ac%3A1%3Arn%3A358725153%3Arqn%3A1%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651051782121%3Ads%3A58%2C62%2C88%2C2%2C%2C0%2C%2C587%2C10%2C%2C%2C%2C798%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651051783%3At%3A%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 42

http://www.google-analytics.com/collect?v=1&_v=j96&a=1924496618&t=pageview&_s=1&dl=http%3A%2F%2Fvskidku.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1387307399&gjid=1884068512&cid=1859273188.1651051783&tid=UA-42492266-3&_gid=1777608294.1651051783&gtm=2wg4p0WMH23R&z=163992258 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j96&a=1924496618&t=pageview&_s=1&dl=http%3A%2F%2Fvskidku.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1387307399&gjid=1884068512&cid=1859273188.1651051783&tid=UA-42492266-3&_gid=1777608294.1651051783&gtm=2wg4p0WMH23R&z=163992258

Request Chain 60

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9621.yO3qjuJCP_0Ou5lBQjoOczOzhzRfSpVYgnGmCBNzwKTbENCgYuza9UXmI-aI12uB.av13bljTcrRRDIJjQHYl8D31K6c%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9621.vB7pYM9aA0zk7tB_h0jDSr1AEm8HjcIyam4zYc2_gszmQJPc4xFLW0DZwPMJ1f6DOPy8o6ShSJdMp9hUbcOC_KC1iGxnGdlN2c0BgEJTGpE%2C.hpayK2NN5h_Eb0_jQi9OezGy98g%2C

Request Chain 61

http://cdn.gravitec.media/track.min.js HTTP 301
https://cdn.gravitec.media/track.min.js

Request Chain 66

https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=9d9e3644-885a-49ac-b7a9-369958eb3e8d HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=33020e151afd4710ab83a405186dab25

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://adrta.com/i?cb=62690d074f1227254c1390b8dee0df00&clid=co&paid=co&avid=2378&caid=307306&plid=11117110&publisherId=141477&kv1=0X0&kv2=&kv3=cf3c9643-95fc-46b3-809c-407ec62c8b75&kv4=2a02:8c8:c10::&kv7=314&kv11=62690d074f1227254c1390b8dee0df00&kv12=795405&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web&url=http://vskidku.com.ua&seller_id=pub-5560340847493480 HTTP 302
https://ipds.adrta.com/i?__x=KCFPNCIIDGEICG@IKJNGHNJNIJMKMNMHKMCGLJFHLFNPJNIKCNMJKMNKLNPMNMKFJHPI@HNKGEJINMKPJL@HJPFJHMILLPPFHKJMG@IMJHHKGLMLOIMCFAE@H&cb=62690d074f1227254c1390b8dee0df00&clid=co&paid=co&avid=2378&caid=307306&plid=11117110&publisherId=141477&kv1=0X0&kv2=&kv3=cf3c9643-95fc-46b3-809c-407ec62c8b75&kv4=2a02:8c8:c10::&kv7=314&kv11=62690d074f1227254c1390b8dee0df00&kv12=795405&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web&url=http://vskidku.com.ua&seller_id=pub-5560340847493480

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

136 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
vskidku.com.ua/ 27 KB
8 KB 209ms
89ms Document
text/html 85.143.213.169
TRADERSOFT

General

Check archive.org

Show headers Download Go to

Full URL: http://vskidku.com.ua/
Protocol: HTTP/1.1
Server: 85.143.213.169 , Russian Federation, ASN201848 (TRADERSOFT, RU),
Reverse DNS: 57347.simplecloud.ru
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: a34e6ac091a3de786ebb20bbe43211e7197a6267367669330a229cd6be5b5ad0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Apr 2022 09:29:42 GMT
ETag: W/"6a97-q92x+0fRi2Xxx+UEEFWV9lanTBo"
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express

GET
H/1.1 200
OK styles.css
vskidku.com.ua/css/ 161 KB
161 KB 63ms
63ms Stylesheet
text/css 85.143.213.169
TRADERSOFT

General

Check archive.org

Show headers Download Go to

Full URL: http://vskidku.com.ua/css/styles.css?v=13
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: HTTP/1.1
Server: 85.143.213.169 , Russian Federation, ASN201848 (TRADERSOFT, RU),
Reverse DNS: 57347.simplecloud.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fa4f4e8bd3e82a154dc1c4e3c1b8af337749e6528758fdab2e3ed18668ae681a

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:42 GMT
Last-Modified: Tue, 04 Aug 2020 10:56:57 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f293ef9-28472"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164978

GET
H2 200 bootstrap-datetimepicker.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/4.17.47/css/ 8 KB
2 KB 94ms
32ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/4.17.47/css/bootstrap-datetimepicker.min.css

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8c8da579e363feab54671fa5c1c823c37d416198e69f59b78b3e6a8a875d73a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1145214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1098
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-1e69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IarULAmF4FAgGBQgUsP3i9GsTKh8R%2FS8B0UkJhA8lLWiryRU6tEaXBZP%2FHyWkaIFZc3TrRfqYqqdOV001huvc7UeoBo4%2Fxr48izqWpe1ABQ59lNpATWXQYNVgFjXIyk7R4fy2CSTLndyk6gMSHQOYVa"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 702689086a2974c1-LHR
expires: Mon, 17 Apr 2023 09:29:42 GMT

GET
H/1.1 200
OK 1o1o9.min.js Show response
newrrb.bid/ 66 KB
20 KB 173ms
117ms Script
text/javascript 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://newrrb.bid/1o1o9.min.js

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

HTTP/1.1

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:42 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Duration: 567401
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Connection: keep-alive
Strict-Transport-Security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Wed, 27 Apr 2022 07:10:35 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqLWqx60RLZnbwpYwOSOOh1Y6avYz9vYbJfHml9hzcEgRQK7p65nNrLrAcvz2NmvPjcq%2Fo3PG5Ykzk8twZ0nU12%2Fe66qQyRbkfcyHwa79aCuYPCGgqNc4zu8fMwn70mj3bEhYbDauD8W"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-RAY: 7026890ad9cd76a7-LHR
Access-Control-Allow-Headers: *
Expires: Wed, 27-Apr-2022 12:34:42 EEST

GET
H2 200 script.js Show response
yso70kwbuo.com/ 109 KB
42 KB 375ms
155ms Script
application/javascript 85.192.12.170
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yso70kwbuo.com/script.js
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c394a024bc6ef1c54fda0ef289476bbf3334b0c18364c273349b361fa186bade

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:42 GMT
content-encoding: gzip
x-adsbid-request: ezb7sadd7kyi
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
server: nginx/1.18.0

GET
H/1.1 200
OK vqu768kypc01r Show response
earzow.com/mn9l17912/ilvpm003y/oln/786/ 0
0 154ms
93ms Script
text/html 99.83.154.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://earzow.com/mn9l17912/ilvpm003y/oln/786/vqu768kypc01r
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: HTTP/1.1
Server: 99.83.154.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a51062ecadbb5a26e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK o4wyk5n2ubkwm18d0q.jpg
vskidku.com.ua/uploads/2021/11/30/ 382 KB
382 KB 125ms
62ms Image
image/jpeg 85.143.213.169
TRADERSOFT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vskidku.com.ua/uploads/2021/11/30/o4wyk5n2ubkwm18d0q.jpg
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: HTTP/1.1
Server: 85.143.213.169 , Russian Federation, ASN201848 (TRADERSOFT, RU),
Reverse DNS: 57347.simplecloud.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 05c0cc9650ecc54076120a3346e0431eeea14fdf33f300a41cb18f4efb5bfd54

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:42 GMT
Last-Modified: Tue, 30 Nov 2021 11:44:03 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "61a60e83-5f757"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 390999

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/ 57 KB
17 KB 39ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/moment.min.js

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66c58fd2f4fe6a45a6bc4324358819acf1ca53d29ef276013c2ddda8e369d666

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 548834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16963
timing-allow-origin: *
last-modified: Thu, 18 Jun 2020 22:30:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eebeaf9-e5ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ptztm6d2R69Zqf78x8oCz2m8jNLrwNxBRfjVk%2FwSNn6aB51W8ZKxw8IuHpEqUCVF4Ok%2Ba3rGcv0WDbYnXIVhIjoA8JtH6kpBSzrR%2BLKibfcSFXPysdHxpaNYdVQaoex%2BhyE2Y7LBTkaiLfvFNsBx0qz8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 702689099bf174c1-LHR
expires: Mon, 17 Apr 2023 09:29:42 GMT

GET
H3 200 ru.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/locale/ 4 KB
2 KB 37ms
37ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/locale/ru.min.js

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31fdd4b2c9c5254db6dd7fcec76f191fadbeee0fad138715546aaf5545ced770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15788475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1389
timing-allow-origin: *
last-modified: Thu, 18 Jun 2020 22:30:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eebeb06-11e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5V0K920jnaGMYzVdOG3hMpht4l%2BVz9NtBfH4UtT2xddw7HeIn4yt2Quv9wuKhMSGqU1RarS0oli6Y43Q64%2FoGrB3Rp4TXBOU9jRz5WzpH17WWlg7gN%2Br0PKN%2F9NY75fkSU9B3RsCz8jCXVLCWFruyFg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70268909dc6888b6-LHR
expires: Mon, 17 Apr 2023 09:29:42 GMT

GET
H/1.1 200
OK main.js Show response
vskidku.com.ua/js/ 159 KB
160 KB 62ms
62ms Script
application/javascript 85.143.213.169
TRADERSOFT

General

Check archive.org

Show headers Download Go to

Full URL: http://vskidku.com.ua/js/main.js?v=5
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: HTTP/1.1
Server: 85.143.213.169 , Russian Federation, ASN201848 (TRADERSOFT, RU),
Reverse DNS: 57347.simplecloud.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df792d285829eaad90114f18665ccf83222910a8ff68aaf9c5dc10b97a93208e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:42 GMT
Last-Modified: Mon, 13 Jul 2020 09:12:44 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f0c258c-27d20"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 163104

GET
H3 200 bootstrap-datetimepicker.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/4.17.47/js/ 38 KB
9 KB 34ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/4.17.47/js/bootstrap-datetimepicker.min.js

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5899ac40c0c8c8a4cad594af3863ff8d8c2a4a9c561af1b59605b50748119f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1165235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8389
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-966e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lx4gVSOroie881SWosCxNmjsd4CQuYudbFuDr5tt0mXLwX%2BQwRJ4l9zQPRFYKE5%2BqQihvdZ6n7Od%2BEKlsWb7umz6dC8DCu6wMbGVWw2JQkqnBL0pIfUtKcRiKELpVfDIsEyJDveLUMPlUsg6sAMgzWtM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7026890a7d6688b6-LHR
expires: Mon, 17 Apr 2023 09:29:42 GMT

GET
H/1.1 200
OK search-cities.js Show response
vskidku.com.ua/js/ 2 KB
3 KB 64ms
62ms Script
application/javascript 85.143.213.169
TRADERSOFT

General

Check archive.org

Show headers Download Go to

Full URL: http://vskidku.com.ua/js/search-cities.js
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: HTTP/1.1
Server: 85.143.213.169 , Russian Federation, ASN201848 (TRADERSOFT, RU),
Reverse DNS: 57347.simplecloud.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f34ade6dc0d499b5ca315d3fbf64325e8f61215e96af8d0c21cfe8c31f87f7e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:42 GMT
Last-Modified: Fri, 21 Sep 2018 18:32:59 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ba5395b-93e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2366

GET
H/1.1 200
OK autocomplete.js Show response
vskidku.com.ua/js/ 4 KB
4 KB 125ms
62ms Script
application/javascript 85.143.213.169
TRADERSOFT

General

Check archive.org

Show headers Download Go to

Full URL: http://vskidku.com.ua/js/autocomplete.js
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: HTTP/1.1
Server: 85.143.213.169 , Russian Federation, ASN201848 (TRADERSOFT, RU),
Reverse DNS: 57347.simplecloud.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9972c1d6e20b850874167ce02c076f58481dac8e1a4a86a2fc56699fefd9f2c8

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:42 GMT
Last-Modified: Fri, 21 Sep 2018 18:32:58 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ba5395a-e64"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3684

GET
H/1.1 200
OK subscribe.js Show response
vskidku.com.ua/js/ 5 KB
6 KB 124ms
62ms Script
application/javascript 85.143.213.169
TRADERSOFT

General

Check archive.org

Show headers Download Go to

Full URL: http://vskidku.com.ua/js/subscribe.js
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: HTTP/1.1
Server: 85.143.213.169 , Russian Federation, ASN201848 (TRADERSOFT, RU),
Reverse DNS: 57347.simplecloud.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b93b564a019bf8151a91abec8a6430bc313620cee0b2837aecf15e53f2c7fae9

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:42 GMT
Last-Modified: Fri, 21 Sep 2018 18:32:59 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ba5395b-15f0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5616

GET
H/1.1 200
OK zp.js Show response
w.uptolike.com/widgets/v1/ 44 KB
12 KB 328ms
152ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp.js?pid=43294
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2b840c2c8a24de1cc8ef553d34437c6b4ac11edee846f9b962947b1faf4a7604

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=31556926
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8

GET
H/1.1 200
OK prum.min.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 64ms
37ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rum-static.pingdom.net/prum.min.js
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:42 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 11 May 2021 14:01:38 GMT
Server: cloudflare
Age: 1872
ETag: W/"609a8e42-1849"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7026890aadc288b6-LHR

GET
H2 200 b286ae57.js Show response
pdayyocpnvh.ru/pixels/ 139 KB
48 KB 334ms
158ms Script
application/javascript 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Requested by: Host: yso70kwbuo.com
URL: https://yso70kwbuo.com/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1e508a9583f7eed5aaf6ab887e2a95f01855809251830231b765a3d59e43d96c

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
cache-control: no-store
last-modified: Fri, 25 Mar 2022 06:57:36 GMT
server: nginx/1.18.0
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-WMH23R
https://www.googletagmanager.com/gtm.js?id=GTM-WMH23R

111 KB
41 KB

145ms
53ms

Script
application/javascript

2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WMH23R

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2346f0a21cf0bd04d9f34d297e8c0e735cd4aaa70f90b3f8e82f5ffef175eba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41083
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Apr 2022 09:29:42 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-WMH23R
Date: Wed, 27 Apr 2022 09:29:42 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK background.png
vskidku.com.ua/img/ 12 KB
12 KB 105ms
62ms Image
image/png 85.143.213.169
TRADERSOFT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vskidku.com.ua/img/background.png
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/css/styles.css?v=13
Protocol: HTTP/1.1
Server: 85.143.213.169 , Russian Federation, ASN201848 (TRADERSOFT, RU),
Reverse DNS: 57347.simplecloud.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 15dda6b402fd9a7ed1bc325966352797900fc4e0389f512380617c188325a169

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/css/styles.css?v=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:42 GMT
Last-Modified: Fri, 21 Sep 2018 18:32:58 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ba5395a-2e5b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11867

GET
H/1.1 200
OK / Show response
ipinfo.io/ 303 B
663 B 154ms
126ms XHR
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

http://ipinfo.io/

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/js/main.js?v=5

Protocol

HTTP/1.1

Server

34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

ff67ee8a25e1cdd185a2ca450e0d86b5c28e5c861e58dd4d419528f732631136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
transfer-encoding: chunked
content-type: application/json; charset=utf-8
Via: 1.1 google
x-envoy-upstream-service-time: 3
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK fonts.css
vskidku.com.ua/css/ 38 KB
38 KB 63ms
63ms Stylesheet
text/css 85.143.213.169
TRADERSOFT

General

Check archive.org

Show headers Download Go to

Full URL: http://vskidku.com.ua/css/fonts.css
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/js/main.js?v=5
Protocol: HTTP/1.1
Server: 85.143.213.169 , Russian Federation, ASN201848 (TRADERSOFT, RU),
Reverse DNS: 57347.simplecloud.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cbd4d3027f4036e91fe38460913bf1be0725c71d674b2b892e5a25c0e39b3844

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:42 GMT
Last-Modified: Thu, 28 Nov 2019 13:43:02 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ddfcee6-9600"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38400

POST
H/1.1 200
OK 1o1o9.json Show response
newrrb.bid/ 59 B
895 B 123ms
96ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://newrrb.bid/1o1o9.json

Requested by

Host: newrrb.bid
URL: http://newrrb.bid/1o1o9.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac5cb4721b26faf71da95d8825d855ec7e2588558733e84fd724fe2f21928f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRF9l0w%2F8FnUtudS7rP%2B0c%2Bh60x6Ni6%2BLLELIux0rv2bBfgbvcdXyy9hI4GB3JUW39RKgRP6T%2BprCQb%2BxYBTLjJ945BUb1RJBOP7xtSs1SmOb%2FRrT5wbD0HNXs1MoVLSCW%2F3Zep7WPxe"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7026890bed97547b-LHR
Access-Control-Allow-Headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK 1o1o9.json Show response
newrrb.bid/ 8 KB
2 KB 123ms
96ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://newrrb.bid/1o1o9.json

Requested by

Host: newrrb.bid
URL: http://newrrb.bid/1o1o9.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b1ddd4b73ae9ff6982270e53480ae2957f0d1f8e96887f6c1d7992878faf1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0am9IsqM9r6ebnEsMQtNvG6OJAg%2BZHDBRTij90KiI1qYpHogkLwUvxA72tZz4NvTjx1J%2BjovxxTeLuT7kb23wAN3BnJqt%2BCYp%2FJM3cEVDowWZGbjqqX%2BmpPi6LiEa7yqvNZ7DEzwHyJ"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7026890bfee1776e-LHR
Access-Control-Allow-Headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 5.187.21.104 Show response
api.sypexgeo.net/json/ 1 KB
983 B 158ms
55ms XHR
application/json 88.99.125.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://api.sypexgeo.net/json/5.187.21.104

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/js/main.js?v=5

Protocol

HTTP/1.1

Server

88.99.125.123 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

de.sxgeo.city

Software

nginx/1.21.6 / PHP/7.4.27

Resource Hash

737cbc10029b4d0623f768fa0471ad254a891f421a336679512995fe3afee987

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Content-Encoding: gzip
Server: nginx/1.21.6
X-SxGeo-Server-Location: Germany
X-Powered-By: PHP/7.4.27
Strict-Transport-Security: max-age=15768000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
X-SxGeo-Server: de.sxgeo.city
Connection: keep-alive

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

130ms
40ms

Script
text/javascript

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4352
date: Wed, 27 Apr 2022 08:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 27 Apr 2022 10:17:11 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 203 KB
82 KB 106ms
43ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fc1c04e61c0654c571b864e441c63070556fd8d4402c8edaaa12b45d4bd83d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 346
x-jsd-version: 1.227.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19152-FRA, cache-lcy19238-LCY
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"32b1e-ZVTZzAy55/iZd38j8sqHYpUabfo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TumlTffSDBu5jyVgNna7CtvmrKfLP6vKjKN%2BgROCyYvHxXH6%2F7T0El4eAV5GEfk%2BqBK7Js9xb2b7KcDeULPOJFUcAD5TKwJXVH4bhzceRJutXpFdGLz836V1UsTOKjD4nLdbsT4Kg3zmfLl%2BPpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7026890ccaff886b-LHR

GET
H2

200

9e90c6651e133c6cdeedb4420380ef74_0.js Show response
cdn.sendpulse.com/28edd3380a1c17cf65b137fe96516659/js/push/
Redirect Chain

http://cdn.sendpulse.com/28edd3380a1c17cf65b137fe96516659/js/push/9e90c6651e133c6cdeedb4420380ef74_0.js
https://cdn.sendpulse.com/28edd3380a1c17cf65b137fe96516659/js/push/9e90c6651e133c6cdeedb4420380ef74_0.js

26 KB
9 KB

145ms
40ms

Script
application/javascript

2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sendpulse.com/28edd3380a1c17cf65b137fe96516659/js/push/9e90c6651e133c6cdeedb4420380ef74_0.js

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Server

2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

c9bd4b89988c4f887f63cb9d8304af55631de00ad8de5fe3f0269b6859c1184d

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: uvu0vv3Hn6I
x-77-cache: HIT
x-cache: HIT
x-age: 74553
x-xss-protection: 1; mode=block
x-77-nzt: AcO1ry9ud4HvOSMBAA
x-accel-expires: @1651582030
x-sp-ma: ma5
last-modified: Thu, 25 Feb 2021 09:09:27 GMT
server: CDN77-Turbo
etag: W/"67a6-5bc258232a01a"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type: application/javascript
cache-control: max-age=31536000, max-age=604800
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires: Fri, 25 Feb 2022 10:51:59 GMT

Redirect headers

Location: https://cdn.sendpulse.com/28edd3380a1c17cf65b137fe96516659/js/push/9e90c6651e133c6cdeedb4420380ef74_0.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
55 KB 99ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-WMH23R

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd4ef5e970dcf319aafa1587afc3305f264a6cf3ec4a0e991afb643d6868471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 27 Apr 2022 09:29:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2342385996378613910
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 56236
X-XSS-Protection: 0
Expires: Wed, 27 Apr 2022 09:29:43 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/8b2dbbd635caa4cb4d75239e27206a09/ 64 KB
18 KB 433ms
51ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/8b2dbbd635caa4cb4d75239e27206a09/client.js
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-WMH23R
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0e3baed415ccaeee8ad69314d0f51df053c4c5deeb9a1edabb2e52699493189f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:05:14 GMT
server: nginx
etag: W/"61fa494a-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:36:07 GMT
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET

aci.js
www.acint.net/
Redirect Chain

http://www.acint.net/aci.js
https://www.acint.net/aci.js

0
0

POST
H/1.1 200
OK 1o1o9.json Show response
newrrb.bid/ 59 B
899 B 65ms
65ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://newrrb.bid/1o1o9.json

Requested by

Host: newrrb.bid
URL: http://newrrb.bid/1o1o9.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6907f18fe198e91fdb2210035c29ef6487b034439d4fec354f3a07e9cc299d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfJ1qWNuAm5Q83DgbIi3k4ku%2F1eZC8t7ra013%2BNkwe%2F%2FX18aSuePBFEmq9tl7Xxc%2BFoRsvaww%2F%2B6Epoi%2B4S2rs8V7BnQsi5ML5l7WksIkw5gZl9Es1D8aK%2FJsQbKeVPIbyfKvA8EyM6O"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7026890c8e65547b-LHR
Access-Control-Allow-Headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK fontawesome-webfont.woff2
vskidku.com.ua/fonts/ 75 KB
76 KB 63ms
63ms Font
application/octet-stream 85.143.213.169
TRADERSOFT

General

Check archive.org

Show headers Download Go to

Full URL: http://vskidku.com.ua/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/css/fonts.css
Protocol: HTTP/1.1
Server: 85.143.213.169 , Russian Federation, ASN201848 (TRADERSOFT, RU),
Reverse DNS: 57347.simplecloud.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://vskidku.com.ua/css/fonts.css
Origin: http://vskidku.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Last-Modified: Thu, 28 Nov 2019 13:43:02 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ddfcee6-12d68"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160

GET
H2 200 EJRVQgYoZZY2vCFuvAFSzro.ttf
fonts.gstatic.com/s/ptserif/v11/ 102 KB
60 KB 123ms
39ms Font
font/ttf 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v11/EJRVQgYoZZY2vCFuvAFSzro.ttf

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e866bcf0d0aed2ab9ad34f5520f9e9569744b0f8da4bc2caf05b0105fe0e199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vskidku.com.ua/
Origin: http://vskidku.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 21:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60791
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:24:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Apr 2023 21:09:58 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qWVy4.ttf
fonts.gstatic.com/s/ptserif/v11/ 94 KB
53 KB 187ms
105ms Font
font/ttf 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v11/EJRSQgYoZZY2vCFuvAnt66qWVy4.ttf

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17e7f7ea76d9b50b0676b66a26c656cf81d16f80b71dc888f252dd0326edc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vskidku.com.ua/
Origin: http://vskidku.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 09:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54370
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:18:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 09:56:30 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
55 KB 322ms
58ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newrrb.bid
URL: http://newrrb.bid/1o1o9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f5ed3c282caf986d767d034fc09b2154c15556e7a7aeaa843c84580ea2edad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56243
x-xss-protection: 0
server: cafe
etag: 4852522036836245655
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 09:29:43 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

143 KB
51 KB

255ms
153ms

Script
application/javascript

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

dfc3892aeb7a998ebeb2eb3ed7f64295c008d8ec3e7456159e6575b2bf1bbad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: br
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-cba8"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 52136
expires: Wed, 27 Apr 2022 10:29:43 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 70 B
844 B 78ms
77ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1651051783138608
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=43294
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5d4c78c0ad5487b0aa5f152f0e495b65464925810123afe32d8c646dd85a77b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 09:29:43 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 21 Apr 2022 09:06:31 GMT

POST
H/1.1 200
OK 1o1o9.json Show response
newrrb.bid/ 59 B
887 B 67ms
66ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://newrrb.bid/1o1o9.json

Requested by

Host: newrrb.bid
URL: http://newrrb.bid/1o1o9.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34800344c715c0af51ec856df57439df269002bbb776cb5d5da9ef0118cdce91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXx8rlBTPJy1RqExOjnG4vKlmRZhE0MNsxLdXmUW6Tsgl0OWmbebMgFZrOZlnMMY0T%2B2qnlW6ZXhbQUVhmPdCG5jebAoeXKDawcTxkCWSbEGzFD%2FXAdHT%2Ft8qKLyE%2BZv0pbyNoCN1q9e"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7026890d0ef6547b-LHR
Access-Control-Allow-Headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pclicks.js Show response
prodmp.ru/ 0
223 B 223ms
71ms Script
text/javascript 193.106.95.134
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks.js
Requested by: Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
vskidku.com.ua/ajax/city-slug/ 9 B
250 B 105ms
104ms XHR
application/json 85.143.213.169
TRADERSOFT

General

Check archive.org

Show headers Download Go to

Full URL: http://vskidku.com.ua/ajax/city-slug/
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/js/main.js?v=5
Protocol: HTTP/1.1
Server: 85.143.213.169 , Russian Federation, ASN201848 (TRADERSOFT, RU),
Reverse DNS: 57347.simplecloud.ru
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 3045b5c998d76c75f480b2e91388b6adef07205004129c0b8dffee745b4aa77e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://vskidku.com.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
X-Powered-By: Express
ETag: W/"9-4FlWsYXUYxHm+Qs8JcIKSd4/hqU"
Content-Length: 9
Content-Type: application/json; charset=utf-8

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Al...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3A...

174 B
209 B

84ms
83ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A2%3Adp%3A0%3Als%3A163271189311%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092943%3Aet%3A1651051783%3Ac%3A1%3Arn%3A139445137%3Arqn%3A1%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651051782121%3Ads%3A58%2C62%2C88%2C2%2C%2C0%2C%2C587%2C10%2C%2C%2C%2C798%3Awv%3A2%3Aco%3A0%3Ast%3A1651051783&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2ea6618abdce92dcab2fc38778627cddd734f8a35c889483f6c47cf3f1b6713a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 27-Apr-2022 09:29:43 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 174
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:43 GMT
last-modified: Wed, 27-Apr-2022 09:29:43 GMT
location: /watch/3/1?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A2%3Adp%3A0%3Als%3A163271189311%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092943%3Aet%3A1651051783%3Ac%3A1%3Arn%3A139445137%3Arqn%3A1%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651051782121%3Ads%3A58%2C62%2C88%2C2%2C%2C0%2C%2C587%2C10%2C%2C%2C%2C798%3Awv%3A2%3Aco%3A0%3Ast%3A1651051783&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:43 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/36729285/
Redirect Chain

https://mc.yandex.ru/watch/36729285?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
https://mc.yandex.ru/watch/36729285/1?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala...

357 B
497 B

76ms
76ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/36729285/1?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1513032148092%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092943%3Aet%3A1651051783%3Ac%3A1%3Arn%3A358725153%3Arqn%3A1%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651051782121%3Ads%3A58%2C62%2C88%2C2%2C%2C0%2C%2C587%2C10%2C%2C%2C%2C798%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651051783%3At%3A%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8b57a0fad813caad701e6b690dd6029efd84a05dad6fa2241be71c277fcd432f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 27-Apr-2022 09:29:43 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:43 GMT
last-modified: Wed, 27-Apr-2022 09:29:43 GMT
location: /watch/36729285/1?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1513032148092%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092943%3Aet%3A1651051783%3Ac%3A1%3Arn%3A358725153%3Arqn%3A1%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651051782121%3Ads%3A58%2C62%2C88%2C2%2C%2C0%2C%2C587%2C10%2C%2C%2C%2C798%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651051783%3At%3A%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:43 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 100ms
33ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-42492266-3&cid=1859273188.1651051783&jid=1387307399&gjid=1884068512&_gid=1777608294.1651051783&_u=YGBAgAABAAAAAE~&z=1015798332

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Apr 2022 09:29:43 GMT
content-type: text/plain
access-control-allow-origin: http://vskidku.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j96&a=1924496618&t=pageview&_s=1&dl=http%3A%2F%2Fvskidku.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D...
https://www.google-analytics.com/collect?v=1&_v=j96&a=1924496618&t=pageview&_s=1&dl=http%3A%2F%2Fvskidku.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%...

35 B
55 B

115ms
37ms

Image
image/gif

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1924496618&t=pageview&_s=1&dl=http%3A%2F%2Fvskidku.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1387307399&gjid=1884068512&cid=1859273188.1651051783&tid=UA-42492266-3&_gid=1777608294.1651051783&gtm=2wg4p0WMH23R&z=163992258

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 07:28:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j96&a=1924496618&t=pageview&_s=1&dl=http%3A%2F%2Fvskidku.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1387307399&gjid=1884068512&cid=1859273188.1651051783&tid=UA-42492266-3&_gid=1777608294.1651051783&gtm=2wg4p0WMH23R&z=163992258
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 368ms
227ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 27 Apr 2022 10:29:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220425/r20190131/ Frame 6A96 10 KB
5 KB 121ms
37ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220425/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vskidku.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 58463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 17:15:20 GMT
etag: 3347421328414474149
expires: Tue, 10 May 2022 17:15:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/ 308 KB
110 KB 206ms
119ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5560340847493480&plah=vskidku.com.ua&bust=31067235

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d270adc96922766fd7af68c5230c0cb984f91f2aa98246023cc7d47d15874e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112819
x-xss-protection: 0
server: cafe
etag: 14328129158070717809
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 09:29:43 GMT

POST
H/1.1 200
OK 1o1o9.json Show response
newrrb.bid/ 59 B
887 B 95ms
95ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://newrrb.bid/1o1o9.json

Requested by

Host: newrrb.bid
URL: http://newrrb.bid/1o1o9.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e1248dbd3e792ecd076e5d5dc7efe17a2a8434fa49832e92daeb6b34f4ff41

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2bBNqEgeRosorDoxpgXuUR6xCeWuYO9C0B8UjFPMWv8%2BJ5YCu6Wb2KI30%2Fe4bJZ86VEplWxz2%2FeUROPMUtyE6rz7jDvHAki0PYFsUwYZHrMfNkF0jMN09Ll68e4Na%2BHuqhvEERTUEXv"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7026890f5a9e547b-LHR
Access-Control-Allow-Headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
Ok context.js Show response
an.yandex.ru/system/ 285 KB
82 KB 178ms
94ms Script
text/javascript 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

http://an.yandex.ru/system/context.js

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

HTTP/1.1

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3fe4972a8d59f40d2f761e3e621cac2966162266c9f35886e3744424234ab627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Yandex-Req-Id: 1651051783674214-1335695857644368270100186-production-app-host-sas-pcode-113
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
X-Robots-Tag: noindex, noarchive, nofollow
Keep-Alive: timeout=600
Expires: Wed, 27 Apr 2022 10:29:43 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 206ms
154ms Fetch
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=8b2dbbd635caa4cb4d75239e27206a09
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/8b2dbbd635caa4cb4d75239e27206a09/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 138a884dc4661fbbcf2cdb052fbbbbcbf2f8221cc7f8c0843f83e2d88ab559c5

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
x-correlation-id: 34dc7ecfc4556f9fa8765149b2759613
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: MISS

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
648 B 129ms
46ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vskidku.com.ua&callback=_gfp_s_&client=ca-pub-5560340847493480

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5560340847493480&plah=vskidku.com.ua&bust=31067235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f11e5f9c5ead6607cd5bfe9cfc2968a6f6539da2ff2c3442118641295a689f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 134ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vskidku.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
46ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vskidku.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 149ms
71ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fvskidku.com.ua%2F&tn=HEADER&cls=navbar%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DAF1 152 KB
44 KB 553ms
475ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&adk=1812271804&adf=3025194257&lmt=1651051783&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=183x900_l%7C183x900_r&format=0x0&url=http%3A%2F%2Fvskidku.com.ua%2F&ea=0&pra=5&wgl=1&dt=1651051783311&bpp=2&bdt=973&idt=273&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=198141109701&frm=20&pv=2&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=294

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bed2666f08daedf5d70c6c9b19e39007aa88940211fd8306eeac840bc7d530d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vskidku.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45027
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 09:29:44 GMT
expires: Wed, 27 Apr 2022 09:29:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 internal Show response
dmpprof.com/matching/ 141 B
667 B 248ms
81ms Fetch
application/json 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=10&href=http%3A%2F%2Fvskidku.com.ua%2F&title=%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&dmp_print_id=ce191e43db2bdc6555b29a74bd089339
Requested by: Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 8c67e1a148bb84dc758090fcf97d00013d90239bd060e6c8db9971a26053d5bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://vskidku.com.ua
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 141

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E56B 77 KB
25 KB 591ms
522ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=250&slotname=4734600862&adk=3649808460&adf=1024980739&pi=t.ma~as.4734600862&w=300&lmt=1651051783&psa=0&format=300x250&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783530&bpp=3&bdt=1192&idt=81&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=205&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=1eWgjB7LY3&p=http%3A//vskidku.com.ua&dtd=85

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b16a15d8820edaf9bacdd5a07160bc6303154d7992daa068ae69dab39e5fe748

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJaDzpj3s_cCFe4IewodYyIHtA&gqi=Bw1pYrnZK8LA1fAP7YK2wAc&layout=/sadbundle/%24csp%253Der3%24/4322387679531499520/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vskidku.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 25619
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJaDzpj3s_cCFe4IewodYyIHtA&gqi=Bw1pYrnZK8LA1fAP7YK2wAc&layout=/sadbundle/%24csp%253Der3%24/4322387679531499520/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 09:29:44 GMT
expires: Wed, 27 Apr 2022 09:29:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D847 81 KB
23 KB 755ms
691ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=286&slotname=2835195835&adk=204702715&adf=4066743136&pi=t.ma~as.2835195835&w=300&lmt=1651051783&rafmt=11&psa=0&format=300x286&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783545&bpp=1&bdt=1207&idt=73&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1095&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7g32Plrpyy&p=http%3A//vskidku.com.ua&dtd=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57ee998a095764ce5290ce326da03e5f305f2d38d2540bc7c862315506b67297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vskidku.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23077
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 09:29:44 GMT
expires: Wed, 27 Apr 2022 09:29:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK 1o1o9.json Show response
newrrb.bid/ 60 B
886 B 58ms
58ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://newrrb.bid/1o1o9.json

Requested by

Host: newrrb.bid
URL: http://newrrb.bid/1o1o9.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57678535ca0798d3a0a117d35604d5a64208fd6f7a16251e29d1588d858c68af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8uHL3egu3YbZ1WAXI%2FOlG4qtCukk%2Ftf3APdeJo7JAkBYn5llOAd5wpkQJ5UMapaQwMu9SBgqwoC3hlmi4CnaDBwKyP%2FBMpaWYOPhQ6bJ2jrmsGunhTuQlhdkkrRKBirmRGoSs4TfdnQ"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7026890fcb24547b-LHR
Access-Control-Allow-Headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 23414332 Show response
mc.yandex.ru/watch/ 345 B
380 B 79ms
78ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirrla8%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A3%3Adp%3A0%3Als%3A701779988621%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092943%3Aet%3A1651051784%3Ac%3A1%3Arn%3A869887569%3Arqn%3A1%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651051782121%3Ads%3A58%2C62%2C88%2C2%2C%2C0%2C%2C587%2C10%2C%2C%2C%2C798%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651051784%3At%3A%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&t=gdpr(14)lt(8700)aw(1)cs(0)efid(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: http://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

c0a32ca11ec6dbbde67ebeb05ad0bd1ef57061375a6fe2d7032c4af4c49099e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 27-Apr-2022 09:29:43 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 345
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:43 GMT

POST
H/1.1 200
OK 1o1o9.json Show response
newrrb.bid/ 59 B
885 B 88ms
88ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://newrrb.bid/1o1o9.json

Requested by

Host: newrrb.bid
URL: http://newrrb.bid/1o1o9.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5978a9436ccbc413745269336b71d6460b2ddaa49eb8e6f4310bdb164f4e272

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXD5P6TOQg3CiNiwBton6in8yo0lK9aSvpWT8w9V6ORtNAcSryCSvx7SSyGpRF998Yh02mNh1oo31EuzlqL88hCDKyq1c%2FX1x7H3I7HSCI5O%2F5fwb9W5V2I%2B54lnTeUsPGr8bkoi3jIq"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 702689102bbd547b-LHR
Access-Control-Allow-Headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9621.yO3qjuJCP_0Ou5lBQjoOczOzhzRfSpVYgnGmCBNzwKTbENCgYuza9UXmI-aI12uB.av13bljTcrRRDIJjQHYl8D31K6c%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9621.vB7pYM9aA0zk7tB_h0jDSr1AEm8HjcIyam4zYc2_gszmQJPc4xFLW0DZwPMJ1f6DOPy8o6ShSJdMp9hUbcOC_KC1iGxnGdlN2c0BgEJTGpE%2C.hpayK2NN5h_Eb0_jQi9OezGy98...

43 B
383 B

80ms
80ms

Image
image/gif

149.5.244.108
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9621.vB7pYM9aA0zk7tB_h0jDSr1AEm8HjcIyam4zYc2_gszmQJPc4xFLW0DZwPMJ1f6DOPy8o6ShSJdMp9hUbcOC_KC1iGxnGdlN2c0BgEJTGpE%2C.hpayK2NN5h_Eb0_jQi9OezGy98g%2C

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Server

149.5.244.108 Valbonne, France, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9621.vB7pYM9aA0zk7tB_h0jDSr1AEm8HjcIyam4zYc2_gszmQJPc4xFLW0DZwPMJ1f6DOPy8o6ShSJdMp9hUbcOC_KC1iGxnGdlN2c0BgEJTGpE%2C.hpayK2NN5h_Eb0_jQi9OezGy98g%2C
date: Wed, 27 Apr 2022 09:29:44 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

track.min.js Show response
cdn.gravitec.media/
Redirect Chain

http://cdn.gravitec.media/track.min.js
https://cdn.gravitec.media/track.min.js

4 KB
2 KB

92ms
26ms

Script
application/javascript

45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: H2
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 26 Jul 2022 09:29:43 GMT
cache-control: max-age=7776000
x-proxy-cache: HIT

Redirect headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding
Content-Type: text/html
Location: https://cdn.gravitec.media/track.min.js
Cache-Control: max-age=7776000
Connection: keep-alive
Content-Length: 169
Expires: Tue, 26 Jul 2022 09:29:43 GMT

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 28ms
27ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/8b2dbbd635caa4cb4d75239e27206a09/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 32ms
32ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/8b2dbbd635caa4cb4d75239e27206a09/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 demography Show response
prodmp.ru/pclicks/ 3 B
134 B 73ms
73ms Fetch
application/json 193.106.95.134
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks/demography?domain=vskidku.com.ua
Requested by: Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: http://vskidku.com.ua
date: Wed, 27 Apr 2022 09:29:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

GET
H2 200 /
s.uuidksinc.net/match/601/ 74 B
242 B 128ms
37ms Image
image/png 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/601/?remote_uid=9d9e3644-885a-49ac-b7a9-369958eb3e8d
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=9d9e3644-885a-49ac-b7a9-369958eb3e8d
https://m.trafmag.com/images/1px-matching-go2net.gif?id=33020e151afd4710ab83a405186dab25

35 B
351 B

140ms
35ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=33020e151afd4710ab83a405186dab25
Requested by: Host: vskidku.com.ua
URL: http://vskidku.com.ua/
Protocol: HTTP/1.1
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 09:29:44 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Wed, 27 Apr 2022 09:29:43 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=33020e151afd4710ab83a405186dab25
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

POST
H2 200 enr Show response
dmpprof.com/ 2 B
353 B 79ms
77ms Fetch
text/plain 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/enr?href=http%3A%2F%2Fvskidku.com.ua%2F&title=%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B
Requested by: Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Apr 2022 09:29:43 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://vskidku.com.ua
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length: 2

GET
H2 200 7f51b672422afbf00daf.js Show response
yastatic.net/partner-code-bundles/573237/ 13 KB
5 KB 201ms
70ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/573237/7f51b672422afbf00daf.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b30cf0459b1fa06f73614d7afebbeddf2559b55185e42b9db35cf51533a6d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://vskidku.com.ua/
Origin: http://vskidku.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4460
last-modified: Fri, 22 Apr 2022 15:21:27 GMT
server: nginx/1.17.9
etag: "1d9dbf32c400a4d0668493ae98361a29"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Apr 2052 16:01:15 GMT

GET
H2 200 8dbcd35b0d2b8f1cc187.js Show response
yastatic.net/partner-code-bundles/573237/ 89 KB
19 KB 267ms
139ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/573237/8dbcd35b0d2b8f1cc187.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

935936e9d677c9260ee36c96b1005abf61cbeaf8f18856258e9321f506e877a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://vskidku.com.ua/
Origin: http://vskidku.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18882
last-modified: Fri, 22 Apr 2022 15:21:27 GMT
server: nginx/1.17.9
etag: "87496b13f843761cb128bb7565bef985"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Apr 2052 16:01:15 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 364ms
237ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://vskidku.com.ua/
Origin: http://vskidku.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Apr 2052 16:02:13 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/36729285/ 43 B
157 B 79ms
79ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/36729285/1?page-url=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhrotpwxk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A1%3Als%3A1513032148092%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092944%3Aet%3A1651051784%3Ac%3A1%3Arn%3A894704961%3Arqn%3A2%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1651051782121%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651051784&t=gdpr(14)lt(8700)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:44 GMT
last-modified: Wed, 27-Apr-2022 09:29:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:44 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/23414332/ 43 B
73 B 80ms
79ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23414332/1?page-url=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirrla8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A3%3Adp%3A0%3Als%3A701779988621%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092944%3Aet%3A1651051784%3Ac%3A1%3Arn%3A493137979%3Arqn%3A2%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1651051782121%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651051784&t=gdpr(14)mc(p-1)lt(8700)aw(1)cs(002)efid(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: http://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:44 GMT
last-modified: Wed, 27-Apr-2022 09:29:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:44 GMT

GET
H2 404 986395 Show response
an.yandex.ru/meta/ 29 B
447 B 277ms
104ms XHR
text/html 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/986395?target-ref=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&pcode-test-ids=551983%2C0%2C66%3B574030%2C0%2C43%3B572084%2C0%2C23%3B574180%2C0%2C19%3B574178%2C0%2C44%3B574185%2C0%2C25%3B574183%2C0%2C4%3B564895%2C0%2C92%3B406668%2C0%2C56%3B574104%2C0%2C-1&pcode-flags-map=eJyVV8Fu2zgQ%2FZWFz8GCIiVR6o2SaJsIRaokZcctCqLb9Z6CxaKbFgsU%2FfcdSrIdyQnd5ODEgd7j8M3Mm9GPFVesktzXuuG19futcFwK61bvPv5Yff%2F8%2BO24erdypueru9XT8d8n8Sd8T3GJsnL189PdqhF2wDd8zXrpvNvylnvedu7gm94wJ7S6yUXJwNXyRjC%2FFkBXCQdY7jsjtBHAtWa102bGhH5H4Se5YksHtp2WPYRS9c5p5ZkS7XUw4%2BWvCOhA0Cux1gZQvwIZ1ai3TG1ATCnqe5DC6H6z9VJvRD3jgLtAJKfQTneccRJMMR44pwTtunJKUlzONKFl8hx4URXSK9zWt5aHr44b36sGPlnVeK3k4QZxluJJWWbhUmrj%2BUPn15LBH8ujvDt0V9nzICcUihWGN6cMx8%2BkJE%2FIK2feOGxGnCxZcX5mnWLfasUPnXaghLctk9J33NRcxTshQykmo9yGv%2B%2B5dX7XMojQ6NYfGMj74E0fp8CU4PGSdqv3XrKKy0sUY5HEGQhKUHm%2BkO3Njh%2BgWNSOG%2BhI7RXfe9bUhkMH7Pj0wIxyJxqu55xJXiRnziu0B267bKfveZmUf8FlYkQhKGGh7IRaay%2BFuo9fDqqOZMtsTUFo2QCjP8cmFFS1YtK3uullvLiyLEOEnomDRnUQHPSa%2BtPxhxvZB4oifd5svbJ912njoMKlZqG7bG1E57w1td8zo4Ta3OCkWUrfXPPQWVs5t4YkuOOMOic0Lc7UrR5vyYQEdK3DZ8ckd%2BC7irVz9aTYbJ2vNjM%2BShC9pMa60aheKIyM4qLIF9gsH2NhzVo%2F%2BBb02QkrKiHDhSCwwUVnNMf%2F%2FpkbLyUEnbx6kjsowdruOe7p67fjDFaQcoKBFVobSnGJuT7rDHox3gpC3is%2Bs52PUPk5pnc4g3GZwa%2BiKJI7kqVJUdxhUmYk%2FMoQze9wnqYpucMIQ9ZOjxBU5jnAKSpRAnCapsWnmZGVCUqmmLzlXHldQWft5mGsjn9%2F%2FuPxOB8vOS7HIlsLuAvcf8uHDCsXlyHNyDRePnCFPTg5%2BPlGeZz49wRKgHeeRAkyjMvR7Tro2tp54yrQH3yAR3EUl9kYca17Ndjaw9ZEIQUtpol1dmLf6JYJFYNBPjCZxkNwxVActW4r7de9lNDNoHMUn4Cdo7O2ldH3kBjQ1W%2BMaOJImhX5iwF72LOcEVUUDrWTj%2Ffdi2bDXYi8CztDFEXSJKGXjIZLwp7QwKIAG9Mmjk2TtEAX7GkZrLQJrWhYI3r72y8yHFi47XhNz%2BSeHWwcSU6LTrPuoBBtpxW0sxMt1%2F3ct%2FHSCNMUkVGpQZ8wK%2B1y1F%2BdlwHNMwMwPDjO6bzg0XF4Sim%2Bhot1GGD7YJ%2B36uoVhlMAOyb7WbYIehl93vhDTQvVQZI9M2387DyZuvbmAF9CM4TScUhIDvMPxo6BIcGMYAvB8RI2pXfRhYbDGG1gvv5iO4YxP%2BWaGRuWVMcu5cKNgYEBK%2FpzjmyGL1CKJsOapi2Y%2FU7wfZjz0aNzmk8zw4oPMGm4snDYZWpEwRTl2QRuGexxrbZM1EEHu2UNLIrgDHECGC3l9ZvAyGbjTnTBBntudD9UzPBac6vQL9CgkVewZdTw6iHaTRyGQaxn1Y0eEHQG68JeFy%2FNsiyKBXBYCOewL4%2FHz1%2FnhZHk00QxvIPnx839tMaztRtK3GgpZ0S1kwuasji1hm3ul8MXpjYic%2FcZ%2FzOOMmVFM5wztCGX8PasnA1ZdsINVtocXquYNZOWL0Q87aNbqNQPWjk2vEqEc2DRvHovukoC7B1jZEOT129G0zET02r5xpOzCQuCqHPuw6B%2FCwk5CzshfNtLJyqm1LiML%2FP55elx3rRpUWavLnqxvRLl%2BbTSbgyr8K1QUXp51geDmFlQglHs%2BRfGXJK9iPj5P3qtKH0%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=LatSAaweCo1zqhzFD0W%2B7jc%2BD99KiR5aBnY13XeV4qSaXxh0H%2BqoOqGIsT4p3RZUrP5z%2BYHCjcYUiIWPT0pyjF02vU0%3D&duid=MTY1MTA1MTc4Mzc4NjI3MzE2MA%3D%3D&imp-id=8&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=451401062809602&ad-session-id=6189161651051784020&target-id=45495917&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fvskidku.com.ua&top-ancestor-undetermined=0&pcode-version=573237&pcodever=573237&flash-ver=0&available-width=1600&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A1002%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=2368&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMjd9CkKntIwsqeshGKijQ3EdvZlFn-PMkqgiiy6qiHPT1kmVpi23jeHEE2v_bPOW5lmaX_qltaaKOWfHZx_HgB4V4ArEGDVN2sbWnZfMceAIIQwFMUYYXrcB17AcgsZpnH6oI2xYB4GzEP2QfEfQ-A1CYzXISyQ4aN7pkC5YP9QROoQNo3FPzR4KrIP4toOkN-ifg_QrnIbp4FOjYvSlMnc-0GM9NcZMwvk69vb4gE97I36DtMNpz-rUFA2-g9-gTP2c9-H2KRBR_yKrDkTRqZVSVxwrlNK0yBRKN3HjVAHAZqJU1Y5KceoWPSrEKbk6S73cTwI3CSN1z8PITSOXXN3gOghnNndL5jeIjoCqz9nchvOGWy-vQXBwHQTHx2kQX_hpEPTpC_yktEU_2aVj1dFsB3-Lnc-_hfhkSOhSmnKeDb9eftxIaoJvynobNv1vjYucuhsBG7QTCawXvsj9_oPXG5R3ETh4Ezcsh_ANhIsZ4_vCv_RUH6yt-OD7EGty426enAapPysEjxOHmb3J6b-PXK1SKFU1WPIwI6oBSv2ex4XnkaujglRe-L2Cl2QJcZqVbhioFcosIWXiFRdJVIrTSGSi2VCfOPVNNPbQ2vikhZFc7hdR1uMwkqkVpJ4kySQiyjwUU4oKpap4TZ9Kv-ulPmmSp9PhZcpkcdoDURyXfiKTup_gBUVk4fHLMIqJ1IoGczyR-xj-3gnXXPOjDuphmoBhjktz9s7q7krVjjSnTJp4iTx-g6xMovgpdSZ1LLOp1Yr-hsw5yjq9ju0NkFfPmqCz1427nSAjLRuiPmruUjy1lDhPA5fxGc0HmCh8P0_zRc7W4dIw8ErPPbp9aS-2ksxkPZ7AT8WJSFwWQ-Udgyg2EMaJt53jxCouM9WauKlYV9lrRObL1cZs4mTH6jd6rZ_OjRNxIZv8f2VA5-PSIgtJXmokqUSLcJUHBw0k0EEBuYMaigORm_per4cExi5gNXeVKDZ-xFwkS-I3KCfw1prxiKPIMk_cJF3sUlQKAF_730NRfQiFAvz1_jFRmJP3QxKz00ehzvPzMC6JvRKMvqA9cUmxIXzIgT3qg_D2uL0BOq0WzfOO7Gq8TZFHdzb8SXUtH8GtmeY1eF_l7qFaV4GZkyt60rgG9P_AsG_DdvB-kOYVuBvzteplA2yCiGk_OpZa-1w4_5O7yF7z8lg09gEwHcRXJJC1rHBG5V3PwlhxX-sG7KtBAm25wf5BvJHKNa8CNXI3Z-Rs1pW8RrcD8rlttO8tWv6BtUL-VYhQm_PAnMKqnKxxDcaI83dYratA_OSL7FqXAR9EsroRnK-CfsNpGWCta9A2ZHd8LC2OD23LedCvZbQuQrVNJ3_Dpu1aqPa1K49rKgiqdQ_PITA3qjp49HRgaeuU2C3z61OT_Cl3o36AMvCvr_yVbHlVImOIUHyGWrMUplGh0osZpU1q0mkr7JZXNJGlDoNBxNxua1GMowghQ95ZdYroavN5VelhhcrGqQpj1o1cOEPqWFV3pD4oHOue-5E4DxThstsLfFWgoEp9n361t3TsYaNH-S0D7eCj6MZ06NQDWRi6RjmTtsgPEJJO1VxmjBOeiYpIbDzPC_OkiEuSJJOlrvG4vZTfR8OuxV5Rjcn92gz-SEpVHGLPq8Ll7icnvLH3FWH9b0K0mdzq4nqul8rI93JoCtojfPPMswXTfrxgeOqhEDCH00cVcynAn1GaWJocUbLC64p3igar-qnQ8pdKA2drmHI-hz3mRsA8lfbxxhWYkx_GiRFVF_oG3vS1v19b_5_ONVIahDGdY4NrAOAth0SXP8JVJtX19fnvTyw918SzJcHKRZmO4VJVH8celyY8ezL-OlIXz8FdacxKxBFW5pW9nYfteg7s_tX73SUzzAF24FvOdBPu5MojLf4LpzYiZEhog4Jzk4SWnv2Kx-xVFtXGbGDhbDZUZ6o8CdHwv4Mf_VWj0UIvlgw08pCjBBMlym6ah7ZRNfoP5aUkmyMYulUQDz1_YaPXUC1mg2vIi-gdyih1SUJforaZRl0tKqYdpcWLeyL5mg55avJEEr9YJsDS29Iky9Lo6pbJHKHvA68JezxvjS-3WuZqk-jgpHPGS80etw5OB5t6gaAJG1d3OFnoiy2-Q08u80NRQNO0mInomMDo3Fwl75kfBgcHAVnlMJEVIjd8bII4dVM1et5tHoO2EmI8Jqza8Kngoh4P0q9W9miV18IPHcTLH1txxItaB8--QphYAjOkpTQSL4gLojKPQ-_ZgshImdY43VywPpLBeZTyOMwljJcq7FTVwGcD-A%3D%3D&uniformat=true&callback=Ya%5B8419320228065%5D

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7013f99f1846cbc3ad0de1323b7b3ed55f957722409b2e9c010a11f251f2c467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 09:29:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1651051784255534-1513303382142813307400181-production-app-host-sas-pcode-411
strict-transport-security: max-age=31536000
content-type: text/html; charset=windows-1251
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H2 200 905f032cea0ad8e830b0.js Show response
yastatic.net/partner-code-bundles/573237/ 491 KB
102 KB 245ms
168ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/573237/905f032cea0ad8e830b0.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ce8d1a304b574fa77746fa075fe083364ab565db3c2c3e9e93f11e5323e2cf8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://vskidku.com.ua/
Origin: http://vskidku.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 104098
last-modified: Fri, 22 Apr 2022 15:21:27 GMT
server: nginx/1.17.9
etag: "eaecea99ac35822a9b5cd599dd87c774"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Apr 2052 16:01:15 GMT

GET
H2 200 mapping Show response
dprof.site/matching/ 17 B
541 B 83ms
75ms Fetch
application/json 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dprof.site/matching/mapping?uid=9d9e3644-885a-49ac-b7a9-369958eb3e8d
Requested by: Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://vskidku.com.ua
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 17

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 129ms
38ms Fetch 52.174.47.89
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=8b2dbbd635caa4cb4d75239e27206a09&user_id=a46f2aef-812f-4d37-8196-f41a4a382f12&utmb=168492c8-29ed-4fd7-b7be-1fc40dc2934d&path=http%3A%2F%2Fvskidku.com.ua%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: http://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.174.47.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:44 GMT
x-correlation-id: e36c16fe92f835b9b8879340a8838d9f
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
expires: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/ 145 KB
52 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/reactive_library_fy2019.js?bust=31067235

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49c6c841d5bd1e51eff23b42740159344c0d024be2b1b50e49710ec1a118704c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52863
x-xss-protection: 0
server: cafe
etag: 16263127570839631160
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/ Frame D038 104 KB
29 KB 149ms
45ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=250&slotname=4734600862&adk=3649808460&adf=1024980739&pi=t.ma~as.4734600862&w=300&lmt=1651051783&psa=0&format=300x250&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783530&bpp=3&bdt=1192&idt=81&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=205&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=1eWgjB7LY3&p=http%3A//vskidku.com.ua&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36bef81e56c6ee7968d93456b16905574ff5d2e7e18157b6fd56efd701914e24

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 184907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 27982
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Apr 2022 06:07:57 GMT
expires: Tue, 25 Apr 2023 06:07:57 GMT
last-modified: Thu, 07 Apr 2022 17:31:01 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E56B 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEpO0Bw1pYtbjLe6R7APjxJygC4i0vcJp-dDxp_sPxK6HzIcwEAEgkPOXGGC7BqAByo7d4APIAQmpAk-TK4QiGrU-qAMByAMCqgTMAU_QehVLDTfTnVjt2MVMMqLrrelWAGWnj-h_aG2TGZJr-ivu6722oVQsX23lMfZ6_QpxAJ5LMN8WjqfO828WLx_Uuw0HiLLeVfP8diBqbE0F2nDzhkA8UI8m_GWjDu5dH2GmQmciirOnjUAOGJL22tDCWO5FdH_l7yd45ZnUsKGbMDh87u-ZwZ5BLwVkWXE3k-r1cAXLVK4XdS9NapQbaCJDKJB6J5I765ogO3JuZNmWluZMXtQBZiNTQn7aQsSDJNQZtRdHAwq7KFqcIcAE-vK9zPwDkgUECAQYAZIFBAgFGASgBl2AB57xoh-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDVoBnSCAkIgOGAEBABGB-ACgHICwHYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNTU2MDM0MDg0NzQ5MzQ4MBgA&sigh=LaCaHjgxfUg&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=250&slotname=4734600862&adk=3649808460&adf=1024980739&pi=t.ma~as.4734600862&w=300&lmt=1651051783&psa=0&format=300x250&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783530&bpp=3&bdt=1192&idt=81&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=205&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=1eWgjB7LY3&p=http%3A//vskidku.com.ua&dtd=85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 27 Apr 2022 09:29:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CA65 143 B
163 B 40ms
39ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=250&slotname=4734600862&adk=3649808460&adf=1024980739&pi=t.ma~as.4734600862&w=300&lmt=1651051783&psa=0&format=300x250&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783530&bpp=3&bdt=1192&idt=81&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=205&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=1eWgjB7LY3&p=http%3A//vskidku.com.ua&dtd=85
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 09:09:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame E56B 3 KB
1 KB 146ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 09:22:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E56B 119 KB
37 KB 192ms
91ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame E56B 15 KB
7 KB 140ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 09:22:41 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 128ms
48ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vskidku.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 126ms
47ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vskidku.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/ Frame 0F00 10 KB
4 KB 42ms
41ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vskidku.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 58408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 17:16:16 GMT
etag: 3347421328414474149
expires: Tue, 10 May 2022 17:16:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CA65
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

161ms
161ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 09:29:44 GMT
expires: Wed, 27 Apr 2022 09:29:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 09:29:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame D847 6 KB
742 B 131ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ru

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=286&slotname=2835195835&adk=204702715&adf=4066743136&pi=t.ma~as.2835195835&w=300&lmt=1651051783&rafmt=11&psa=0&format=300x286&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783545&bpp=1&bdt=1207&idt=73&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1095&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7g32Plrpyy&p=http%3A//vskidku.com.ua&dtd=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 08:17:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 09:29:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame D847 32 KB
13 KB 125ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ad2a46886e7a9d95349aae4c08d45ce7af674c3f88c1c7c745540df72329158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13081
x-xss-protection: 0
server: cafe
etag: 3082419303195746916
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 09:27:46 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/ Frame D847 19 KB
8 KB 136ms
56ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 09:28:13 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame D847 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 09:28:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D847 119 KB
36 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame D847 15 KB
6 KB 120ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 09:16:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D038 6 KB
884 B 130ms
49ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular|EB+Garamond:regular|Lato:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d1b7e2ac0fbcca5429f40266fc8b610b192e9db278480eab58de2f285e95c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:29:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 09:29:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D038 16 KB
6 KB 140ms
63ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 27 Apr 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D038 26 KB
10 KB 146ms
69ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 27 Apr 2022 16:13:39 GMT

GET
H2 200 986395 Show response
mc.yandex.ru/watch/ 302 B
373 B 85ms
85ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/986395?wmode=7&page-url=http%3A%2F%2Fvskidku.com.ua%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirrla8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A4%3Adp%3A0%3Als%3A1208218224258%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092944%3Aet%3A1651051784%3Ac%3A1%3Arn%3A763777574%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1651051782121%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Aafr%3A379h473e_1f-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Ast%3A1651051784%3At%3A%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&t=gdpr(14)mc(p-2)lt(23000)aw(1)cs(0)efid(1)afr(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: http://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

13c15e7db90ed71b48e52a998ffebac1ee689194e92432933df181dd09b42f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 27-Apr-2022 09:29:44 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 302
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:44 GMT

GET
H2 404 986395 Show response
an.yandex.ru/meta/ 29 B
137 B 99ms
98ms XHR
text/html 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/986395?target-ref=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&pcode-test-ids=551983%2C0%2C66%3B574030%2C0%2C43%3B572084%2C0%2C23%3B574180%2C0%2C19%3B574178%2C0%2C44%3B574185%2C0%2C25%3B574183%2C0%2C4%3B564895%2C0%2C92%3B406668%2C0%2C56%3B574104%2C0%2C-1&pcode-flags-map=eJyVV8Fu2zgQ%2FZWFz8GCIiVR6o2SaJsIRaokZcctCqLb9Z6CxaKbFgsU%2FfcdSrIdyQnd5ODEgd7j8M3Mm9GPFVesktzXuuG19futcFwK61bvPv5Yff%2F8%2BO24erdypueru9XT8d8n8Sd8T3GJsnL189PdqhF2wDd8zXrpvNvylnvedu7gm94wJ7S6yUXJwNXyRjC%2FFkBXCQdY7jsjtBHAtWa102bGhH5H4Se5YksHtp2WPYRS9c5p5ZkS7XUw4%2BWvCOhA0Cux1gZQvwIZ1ai3TG1ATCnqe5DC6H6z9VJvRD3jgLtAJKfQTneccRJMMR44pwTtunJKUlzONKFl8hx4URXSK9zWt5aHr44b36sGPlnVeK3k4QZxluJJWWbhUmrj%2BUPn15LBH8ujvDt0V9nzICcUihWGN6cMx8%2BkJE%2FIK2feOGxGnCxZcX5mnWLfasUPnXaghLctk9J33NRcxTshQykmo9yGv%2B%2B5dX7XMojQ6NYfGMj74E0fp8CU4PGSdqv3XrKKy0sUY5HEGQhKUHm%2BkO3Njh%2BgWNSOG%2BhI7RXfe9bUhkMH7Pj0wIxyJxqu55xJXiRnziu0B267bKfveZmUf8FlYkQhKGGh7IRaay%2BFuo9fDqqOZMtsTUFo2QCjP8cmFFS1YtK3uullvLiyLEOEnomDRnUQHPSa%2BtPxhxvZB4oifd5svbJ912njoMKlZqG7bG1E57w1td8zo4Ta3OCkWUrfXPPQWVs5t4YkuOOMOic0Lc7UrR5vyYQEdK3DZ8ckd%2BC7irVz9aTYbJ2vNjM%2BShC9pMa60aheKIyM4qLIF9gsH2NhzVo%2F%2BBb02QkrKiHDhSCwwUVnNMf%2F%2FpkbLyUEnbx6kjsowdruOe7p67fjDFaQcoKBFVobSnGJuT7rDHox3gpC3is%2Bs52PUPk5pnc4g3GZwa%2BiKJI7kqVJUdxhUmYk%2FMoQze9wnqYpucMIQ9ZOjxBU5jnAKSpRAnCapsWnmZGVCUqmmLzlXHldQWft5mGsjn9%2F%2FuPxOB8vOS7HIlsLuAvcf8uHDCsXlyHNyDRePnCFPTg5%2BPlGeZz49wRKgHeeRAkyjMvR7Tro2tp54yrQH3yAR3EUl9kYca17Ndjaw9ZEIQUtpol1dmLf6JYJFYNBPjCZxkNwxVActW4r7de9lNDNoHMUn4Cdo7O2ldH3kBjQ1W%2BMaOJImhX5iwF72LOcEVUUDrWTj%2Ffdi2bDXYi8CztDFEXSJKGXjIZLwp7QwKIAG9Mmjk2TtEAX7GkZrLQJrWhYI3r72y8yHFi47XhNz%2BSeHWwcSU6LTrPuoBBtpxW0sxMt1%2F3ct%2FHSCNMUkVGpQZ8wK%2B1y1F%2BdlwHNMwMwPDjO6bzg0XF4Sim%2Bhot1GGD7YJ%2B36uoVhlMAOyb7WbYIehl93vhDTQvVQZI9M2387DyZuvbmAF9CM4TScUhIDvMPxo6BIcGMYAvB8RI2pXfRhYbDGG1gvv5iO4YxP%2BWaGRuWVMcu5cKNgYEBK%2FpzjmyGL1CKJsOapi2Y%2FU7wfZjz0aNzmk8zw4oPMGm4snDYZWpEwRTl2QRuGexxrbZM1EEHu2UNLIrgDHECGC3l9ZvAyGbjTnTBBntudD9UzPBac6vQL9CgkVewZdTw6iHaTRyGQaxn1Y0eEHQG68JeFy%2FNsiyKBXBYCOewL4%2FHz1%2FnhZHk00QxvIPnx839tMaztRtK3GgpZ0S1kwuasji1hm3ul8MXpjYic%2FcZ%2FzOOMmVFM5wztCGX8PasnA1ZdsINVtocXquYNZOWL0Q87aNbqNQPWjk2vEqEc2DRvHovukoC7B1jZEOT129G0zET02r5xpOzCQuCqHPuw6B%2FCwk5CzshfNtLJyqm1LiML%2FP55elx3rRpUWavLnqxvRLl%2BbTSbgyr8K1QUXp51geDmFlQglHs%2BRfGXJK9iPj5P3qtKH0%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=LatSAaweCo1zqhzFD0W%2B7jc%2BD99KiR5aBnY13XeV4qSaXxh0H%2BqoOqGIsT4p3RZUrP5z%2BYHCjcYUiIWPT0pyjF02vU0%3D&duid=MTY1MTA1MTc4Mzc4NjI3MzE2MA%3D%3D&imp-id=11&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=451401062809602&ad-session-id=6189161651051784020&target-id=81551487&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fvskidku.com.ua&top-ancestor-undetermined=0&pcode-version=573237&pcodever=573237&flash-ver=0&available-width=1600&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&grab-orig-len=2368&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMjd9CkKntIwsqeshGKijQ3EdvZlFn-PMkqgiiy6qiHPT1kmVpi23jeHEE2v_bPOW5lmaX_qltaaKOWfHZx_HgB4V4ArEGDVN2sbWnZfMceAIIQwFMUYYXrcB17AcgsZpnH6oI2xYB4GzEP2QfEfQ-A1CYzXISyQ4aN7pkC5YP9QROoQNo3FPzR4KrIP4toOkN-ifg_QrnIbp4FOjYvSlMnc-0GM9NcZMwvk69vb4gE97I36DtMNpz-rUFA2-g9-gTP2c9-H2KRBR_yKrDkTRqZVSVxwrlNK0yBRKN3HjVAHAZqJU1Y5KceoWPSrEKbk6S73cTwI3CSN1z8PITSOXXN3gOghnNndL5jeIjoCqz9nchvOGWy-vQXBwHQTHx2kQX_hpEPTpC_yktEU_2aVj1dFsB3-Lnc-_hfhkSOhSmnKeDb9eftxIaoJvynobNv1vjYucuhsBG7QTCawXvsj9_oPXG5R3ETh4Ezcsh_ANhIsZ4_vCv_RUH6yt-OD7EGty426enAapPysEjxOHmb3J6b-PXK1SKFU1WPIwI6oBSv2ex4XnkaujglRe-L2Cl2QJcZqVbhioFcosIWXiFRdJVIrTSGSi2VCfOPVNNPbQ2vikhZFc7hdR1uMwkqkVpJ4kySQiyjwUU4oKpap4TZ9Kv-ulPmmSp9PhZcpkcdoDURyXfiKTup_gBUVk4fHLMIqJ1IoGczyR-xj-3gnXXPOjDuphmoBhjktz9s7q7krVjjSnTJp4iTx-g6xMovgpdSZ1LLOp1Yr-hsw5yjq9ju0NkFfPmqCz1427nSAjLRuiPmruUjy1lDhPA5fxGc0HmCh8P0_zRc7W4dIw8ErPPbp9aS-2ksxkPZ7AT8WJSFwWQ-Udgyg2EMaJt53jxCouM9WauKlYV9lrRObL1cZs4mTH6jd6rZ_OjRNxIZv8f2VA5-PSIgtJXmokqUSLcJUHBw0k0EEBuYMaigORm_per4cExi5gNXeVKDZ-xFwkS-I3KCfw1prxiKPIMk_cJF3sUlQKAF_730NRfQiFAvz1_jFRmJP3QxKz00ehzvPzMC6JvRKMvqA9cUmxIXzIgT3qg_D2uL0BOq0WzfOO7Gq8TZFHdzb8SXUtH8GtmeY1eF_l7qFaV4GZkyt60rgG9P_AsG_DdvB-kOYVuBvzteplA2yCiGk_OpZa-1w4_5O7yF7z8lg09gEwHcRXJJC1rHBG5V3PwlhxX-sG7KtBAm25wf5BvJHKNa8CNXI3Z-Rs1pW8RrcD8rlttO8tWv6BtUL-VYhQm_PAnMKqnKxxDcaI83dYratA_OSL7FqXAR9EsroRnK-CfsNpGWCta9A2ZHd8LC2OD23LedCvZbQuQrVNJ3_Dpu1aqPa1K49rKgiqdQ_PITA3qjp49HRgaeuU2C3z61OT_Cl3o36AMvCvr_yVbHlVImOIUHyGWrMUplGh0osZpU1q0mkr7JZXNJGlDoNBxNxua1GMowghQ95ZdYroavN5VelhhcrGqQpj1o1cOEPqWFV3pD4oHOue-5E4DxThstsLfFWgoEp9n361t3TsYaNH-S0D7eCj6MZ06NQDWRi6RjmTtsgPEJJO1VxmjBOeiYpIbDzPC_OkiEuSJJOlrvG4vZTfR8OuxV5Rjcn92gz-SEpVHGLPq8Ll7icnvLH3FWH9b0K0mdzq4nqul8rI93JoCtojfPPMswXTfrxgeOqhEDCH00cVcynAn1GaWJocUbLC64p3igar-qnQ8pdKA2drmHI-hz3mRsA8lfbxxhWYkx_GiRFVF_oG3vS1v19b_5_ONVIahDGdY4NrAOAth0SXP8JVJtX19fnvTyw918SzJcHKRZmO4VJVH8celyY8ezL-OlIXz8FdacxKxBFW5pW9nYfteg7s_tX73SUzzAF24FvOdBPu5MojLf4LpzYiZEhog4Jzk4SWnv2Kx-xVFtXGbGDhbDZUZ6o8CdHwv4Mf_VWj0UIvlgw08pCjBBMlym6ah7ZRNfoP5aUkmyMYulUQDz1_YaPXUC1mg2vIi-gdyih1SUJforaZRl0tKqYdpcWLeyL5mg55avJEEr9YJsDS29Iky9Lo6pbJHKHvA68JezxvjS-3WuZqk-jgpHPGS80etw5OB5t6gaAJG1d3OFnoiy2-Q08u80NRQNO0mInomMDo3Fwl75kfBgcHAVnlMJEVIjd8bII4dVM1et5tHoO2EmI8Jqza8Kngoh4P0q9W9miV18IPHcTLH1txxItaB8--QphYAjOkpTQSL4gLojKPQ-_ZgshImdY43VywPpLBeZTyOMwljJcq7FTVwGcD-A%3D%3D&uniformat=true&callback=Ya%5B5228843718822%5D

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7013f99f1846cbc3ad0de1323b7b3ed55f957722409b2e9c010a11f251f2c467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 09:29:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1651051784486374-565382311182447785400186-production-app-host-sas-pcode-312
strict-transport-security: max-age=31536000
content-type: text/html; charset=windows-1251
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 0F00 4 KB
1 KB 104ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 07:39:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 09:29:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0F00 205 B
742 B 124ms
39ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 08:56:05 GMT
x-content-type-options: nosniff
age: 2019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 27 Apr 2023 08:56:05 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0F00 604 B
693 B 124ms
39ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:14:44 GMT
x-content-type-options: nosniff
age: 900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 27 Apr 2023 09:14:44 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/elements/html/ Frame 0F00 19 KB
8 KB 91ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 09:16:29 GMT

GET
DATA 200
OK truncated
/ Frame E56B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 568920cbbc0f572d97377ad018096308178c111ac8a37eb93bd1257f36619bdf

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 1 Show response
mc.yandex.ru/watch/986395/ 43 B
73 B 80ms
79ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/986395/1?page-url=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirrla8%3Afp%3A693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A4%3Adp%3A0%3Als%3A1208218224258%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092944%3Aet%3A1651051785%3Ac%3A1%3Arn%3A1032529511%3Arqn%3A1%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1651051782121%3Ads%3A58%2C62%2C88%2C2%2C%2C0%2C%2C587%2C10%2C%2C%2C%2C798%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651051785&t=gdpr(14)mc(p-3-h-1)lt(23000)aw(1)cs(002)efid(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: http://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:44 GMT
last-modified: Wed, 27-Apr-2022 09:29:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:44 GMT

GET
H2 200 986395 Show response
mc.yandex.ru/watch/ 43 B
73 B 78ms
78ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/986395?page-url=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirrla8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A4%3Adp%3A0%3Als%3A1208218224258%3Ahid%3A1072892489%3Az%3A0%3Ai%3A20220427092944%3Aet%3A1651051785%3Ac%3A1%3Arn%3A651006261%3Arqn%3A2%3Au%3A1651051783786273160%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1651051782121%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651051785%3At%3A%D0%90%D0%BA%D1%86%D0%B8%D0%B8%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BA%D0%B8%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D0%BE%D0%B2%20%D0%B2%20%D1%81%D1%83%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B0%D1%85%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&t=gdpr(14)mc(p-3-h-1)lt(23000)aw(1)cs(0020)efid(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: http://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vskidku.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:44 GMT
last-modified: Wed, 27-Apr-2022 09:29:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:44 GMT

GET
H2 404 986395 Show response
an.yandex.ru/meta/ 29 B
136 B 93ms
93ms XHR
text/html 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/986395?target-ref=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&pcode-test-ids=551983%2C0%2C66%3B574030%2C0%2C43%3B572084%2C0%2C23%3B574180%2C0%2C19%3B574178%2C0%2C44%3B574185%2C0%2C25%3B574183%2C0%2C4%3B564895%2C0%2C92%3B406668%2C0%2C56%3B574104%2C0%2C-1&pcode-flags-map=eJyVV8Fu2zgQ%2FZWFz8GCIiVR6o2SaJsIRaokZcctCqLb9Z6CxaKbFgsU%2FfcdSrIdyQnd5ODEgd7j8M3Mm9GPFVesktzXuuG19futcFwK61bvPv5Yff%2F8%2BO24erdypueru9XT8d8n8Sd8T3GJsnL189PdqhF2wDd8zXrpvNvylnvedu7gm94wJ7S6yUXJwNXyRjC%2FFkBXCQdY7jsjtBHAtWa102bGhH5H4Se5YksHtp2WPYRS9c5p5ZkS7XUw4%2BWvCOhA0Cux1gZQvwIZ1ai3TG1ATCnqe5DC6H6z9VJvRD3jgLtAJKfQTneccRJMMR44pwTtunJKUlzONKFl8hx4URXSK9zWt5aHr44b36sGPlnVeK3k4QZxluJJWWbhUmrj%2BUPn15LBH8ujvDt0V9nzICcUihWGN6cMx8%2BkJE%2FIK2feOGxGnCxZcX5mnWLfasUPnXaghLctk9J33NRcxTshQykmo9yGv%2B%2B5dX7XMojQ6NYfGMj74E0fp8CU4PGSdqv3XrKKy0sUY5HEGQhKUHm%2BkO3Njh%2BgWNSOG%2BhI7RXfe9bUhkMH7Pj0wIxyJxqu55xJXiRnziu0B267bKfveZmUf8FlYkQhKGGh7IRaay%2BFuo9fDqqOZMtsTUFo2QCjP8cmFFS1YtK3uullvLiyLEOEnomDRnUQHPSa%2BtPxhxvZB4oifd5svbJ912njoMKlZqG7bG1E57w1td8zo4Ta3OCkWUrfXPPQWVs5t4YkuOOMOic0Lc7UrR5vyYQEdK3DZ8ckd%2BC7irVz9aTYbJ2vNjM%2BShC9pMa60aheKIyM4qLIF9gsH2NhzVo%2F%2BBb02QkrKiHDhSCwwUVnNMf%2F%2FpkbLyUEnbx6kjsowdruOe7p67fjDFaQcoKBFVobSnGJuT7rDHox3gpC3is%2Bs52PUPk5pnc4g3GZwa%2BiKJI7kqVJUdxhUmYk%2FMoQze9wnqYpucMIQ9ZOjxBU5jnAKSpRAnCapsWnmZGVCUqmmLzlXHldQWft5mGsjn9%2F%2FuPxOB8vOS7HIlsLuAvcf8uHDCsXlyHNyDRePnCFPTg5%2BPlGeZz49wRKgHeeRAkyjMvR7Tro2tp54yrQH3yAR3EUl9kYca17Ndjaw9ZEIQUtpol1dmLf6JYJFYNBPjCZxkNwxVActW4r7de9lNDNoHMUn4Cdo7O2ldH3kBjQ1W%2BMaOJImhX5iwF72LOcEVUUDrWTj%2Ffdi2bDXYi8CztDFEXSJKGXjIZLwp7QwKIAG9Mmjk2TtEAX7GkZrLQJrWhYI3r72y8yHFi47XhNz%2BSeHWwcSU6LTrPuoBBtpxW0sxMt1%2F3ct%2FHSCNMUkVGpQZ8wK%2B1y1F%2BdlwHNMwMwPDjO6bzg0XF4Sim%2Bhot1GGD7YJ%2B36uoVhlMAOyb7WbYIehl93vhDTQvVQZI9M2387DyZuvbmAF9CM4TScUhIDvMPxo6BIcGMYAvB8RI2pXfRhYbDGG1gvv5iO4YxP%2BWaGRuWVMcu5cKNgYEBK%2FpzjmyGL1CKJsOapi2Y%2FU7wfZjz0aNzmk8zw4oPMGm4snDYZWpEwRTl2QRuGexxrbZM1EEHu2UNLIrgDHECGC3l9ZvAyGbjTnTBBntudD9UzPBac6vQL9CgkVewZdTw6iHaTRyGQaxn1Y0eEHQG68JeFy%2FNsiyKBXBYCOewL4%2FHz1%2FnhZHk00QxvIPnx839tMaztRtK3GgpZ0S1kwuasji1hm3ul8MXpjYic%2FcZ%2FzOOMmVFM5wztCGX8PasnA1ZdsINVtocXquYNZOWL0Q87aNbqNQPWjk2vEqEc2DRvHovukoC7B1jZEOT129G0zET02r5xpOzCQuCqHPuw6B%2FCwk5CzshfNtLJyqm1LiML%2FP55elx3rRpUWavLnqxvRLl%2BbTSbgyr8K1QUXp51geDmFlQglHs%2BRfGXJK9iPj5P3qtKH0%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=LatSAaweCo1zqhzFD0W%2B7jc%2BD99KiR5aBnY13XeV4qSaXxh0H%2BqoOqGIsT4p3RZUrP5z%2BYHCjcYUiIWPT0pyjF02vU0%3D&duid=MTY1MTA1MTc4Mzc4NjI3MzE2MA%3D%3D&imp-id=12&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=451401062809602&ad-session-id=6189161651051784020&target-id=23266829&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fvskidku.com.ua&top-ancestor-undetermined=0&pcode-version=573237&pcodever=573237&flash-ver=0&available-width=300&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A2%7D&grab-orig-len=2368&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMjd9CkKntIwsqeshGKijQ3EdvZlFn-PMkqgiiy6qiHPT1kmVpi23jeHEE2v_bPOW5lmaX_qltaaKOWfHZx_HgB4V4ArEGDVN2sbWnZfMceAIIQwFMUYYXrcB17AcgsZpnH6oI2xYB4GzEP2QfEfQ-A1CYzXISyQ4aN7pkC5YP9QROoQNo3FPzR4KrIP4toOkN-ifg_QrnIbp4FOjYvSlMnc-0GM9NcZMwvk69vb4gE97I36DtMNpz-rUFA2-g9-gTP2c9-H2KRBR_yKrDkTRqZVSVxwrlNK0yBRKN3HjVAHAZqJU1Y5KceoWPSrEKbk6S73cTwI3CSN1z8PITSOXXN3gOghnNndL5jeIjoCqz9nchvOGWy-vQXBwHQTHx2kQX_hpEPTpC_yktEU_2aVj1dFsB3-Lnc-_hfhkSOhSmnKeDb9eftxIaoJvynobNv1vjYucuhsBG7QTCawXvsj9_oPXG5R3ETh4Ezcsh_ANhIsZ4_vCv_RUH6yt-OD7EGty426enAapPysEjxOHmb3J6b-PXK1SKFU1WPIwI6oBSv2ex4XnkaujglRe-L2Cl2QJcZqVbhioFcosIWXiFRdJVIrTSGSi2VCfOPVNNPbQ2vikhZFc7hdR1uMwkqkVpJ4kySQiyjwUU4oKpap4TZ9Kv-ulPmmSp9PhZcpkcdoDURyXfiKTup_gBUVk4fHLMIqJ1IoGczyR-xj-3gnXXPOjDuphmoBhjktz9s7q7krVjjSnTJp4iTx-g6xMovgpdSZ1LLOp1Yr-hsw5yjq9ju0NkFfPmqCz1427nSAjLRuiPmruUjy1lDhPA5fxGc0HmCh8P0_zRc7W4dIw8ErPPbp9aS-2ksxkPZ7AT8WJSFwWQ-Udgyg2EMaJt53jxCouM9WauKlYV9lrRObL1cZs4mTH6jd6rZ_OjRNxIZv8f2VA5-PSIgtJXmokqUSLcJUHBw0k0EEBuYMaigORm_per4cExi5gNXeVKDZ-xFwkS-I3KCfw1prxiKPIMk_cJF3sUlQKAF_730NRfQiFAvz1_jFRmJP3QxKz00ehzvPzMC6JvRKMvqA9cUmxIXzIgT3qg_D2uL0BOq0WzfOO7Gq8TZFHdzb8SXUtH8GtmeY1eF_l7qFaV4GZkyt60rgG9P_AsG_DdvB-kOYVuBvzteplA2yCiGk_OpZa-1w4_5O7yF7z8lg09gEwHcRXJJC1rHBG5V3PwlhxX-sG7KtBAm25wf5BvJHKNa8CNXI3Z-Rs1pW8RrcD8rlttO8tWv6BtUL-VYhQm_PAnMKqnKxxDcaI83dYratA_OSL7FqXAR9EsroRnK-CfsNpGWCta9A2ZHd8LC2OD23LedCvZbQuQrVNJ3_Dpu1aqPa1K49rKgiqdQ_PITA3qjp49HRgaeuU2C3z61OT_Cl3o36AMvCvr_yVbHlVImOIUHyGWrMUplGh0osZpU1q0mkr7JZXNJGlDoNBxNxua1GMowghQ95ZdYroavN5VelhhcrGqQpj1o1cOEPqWFV3pD4oHOue-5E4DxThstsLfFWgoEp9n361t3TsYaNH-S0D7eCj6MZ06NQDWRi6RjmTtsgPEJJO1VxmjBOeiYpIbDzPC_OkiEuSJJOlrvG4vZTfR8OuxV5Rjcn92gz-SEpVHGLPq8Ll7icnvLH3FWH9b0K0mdzq4nqul8rI93JoCtojfPPMswXTfrxgeOqhEDCH00cVcynAn1GaWJocUbLC64p3igar-qnQ8pdKA2drmHI-hz3mRsA8lfbxxhWYkx_GiRFVF_oG3vS1v19b_5_ONVIahDGdY4NrAOAth0SXP8JVJtX19fnvTyw918SzJcHKRZmO4VJVH8celyY8ezL-OlIXz8FdacxKxBFW5pW9nYfteg7s_tX73SUzzAF24FvOdBPu5MojLf4LpzYiZEhog4Jzk4SWnv2Kx-xVFtXGbGDhbDZUZ6o8CdHwv4Mf_VWj0UIvlgw08pCjBBMlym6ah7ZRNfoP5aUkmyMYulUQDz1_YaPXUC1mg2vIi-gdyih1SUJforaZRl0tKqYdpcWLeyL5mg55avJEEr9YJsDS29Iky9Lo6pbJHKHvA68JezxvjS-3WuZqk-jgpHPGS80etw5OB5t6gaAJG1d3OFnoiy2-Q08u80NRQNO0mInomMDo3Fwl75kfBgcHAVnlMJEVIjd8bII4dVM1et5tHoO2EmI8Jqza8Kngoh4P0q9W9miV18IPHcTLH1txxItaB8--QphYAjOkpTQSL4gLojKPQ-_ZgshImdY43VywPpLBeZTyOMwljJcq7FTVwGcD-A%3D%3D&uniformat=true&callback=Ya%5B4996239468824%5D

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7013f99f1846cbc3ad0de1323b7b3ed55f957722409b2e9c010a11f251f2c467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 09:29:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1651051784585297-882850973646152098300182-production-app-host-sas-pcode-200
strict-transport-security: max-age=31536000
content-type: text/html; charset=windows-1251
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 85F6 8 KB
892 B 123ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 07:40:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 09:29:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 85F6 2 KB
904 B 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 09:26:06 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/ Frame 85F6 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 09:28:13 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 85F6 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 09:28:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 85F6 15 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 09:16:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85F6 119 KB
36 KB 124ms
46ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 09:29:44 GMT

GET
H2 200 3c09399fce195357915a25abcce0a496.js Show response
www.gstatic.com/mysidia/ Frame 85F6 30 KB
12 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220425/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 08:44:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 07:48:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D847 0
0 79ms
78ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJdb3Bw1pYoXeLcuGYbaTv8gI5I_SsVy_2_2IiAHAjbcBEAEgAGC7BoIBF2NhLXB1Yi01NTYwMzQwODQ3NDkzNDgwoAG91IjrA8gBCakCT5MrhCIatT6oAwHIAwKqBLcBT9A6EJYZOjgAPCAOWVR-ezdNPd19lmnv4jG8TGzImNic_f-EehQrCGp9LMX0uFNdAtlljC7o5oxrJtcKUwLUaWvRprb6t840BDRBhwCGkuaUZRZbY-avwrqM7-EMLKX_pz1ouQ5RnOIp2jM44SwYQsZL6h3wi1pNpsW8WV2GDYypM0OTrj1UZbcyUVd8d-TkfGiBmUplg-PT6oHg7bynrrofImY5fkOC1yVtUu1XyWx9BsCytt2NgAbtiarMyIPH9xugBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NTYwMzQwODQ3NDkzNDgwGAA&sigh=gWH5R2bOP0Y&uach_m=[UACH]&cid=CAQSGwCNIrLMC9ZWV8iC3eSkIJ37mwAjdlyEa8EEUBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=286&slotname=2835195835&adk=204702715&adf=4066743136&pi=t.ma~as.2835195835&w=300&lmt=1651051783&rafmt=11&psa=0&format=300x286&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783545&bpp=1&bdt=1207&idt=73&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1095&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7g32Plrpyy&p=http%3A//vskidku.com.ua&dtd=75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 27 Apr 2022 09:29:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 lgn.php Show response
cat.fr.eu.criteo.com/delivery/ Frame D847 43 B
348 B 108ms
38ms Fetch
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=shRa4BVYn0a5ZoMl3a5Np5sg4mbqhd5iVuzmaaly9LV6kj8AgAhVzLBtL-8fomahBxR0KImRLVdsN02-DmyZFzATM0GkozU1nIU4txgwklX-g-y12WI9B2LOE4t20Jyya4_ROkqjTpV31SeajC_IPWxArtVhoIY6FdSevfvmDhNaaQdPz235YyQ60nlEwPdjpvnUxhh8z2KLpQjXmI_oaVaXxVKy8rKHCja5O8vK0ot0Y4mLU3iSMwBojk13geeUTFsltI4MZee48kXClFIv9zKyazqvKalJdNUa0q-mP2yfdkIVqiD8mpjh8tmAcc1wflsNshjKSBgWOiOP3Tu7660VHgDAk257AQeqtAH2-VWmPutOPwmlHR5p65fs1UIo4JH8v78EuHBJUtydK1d-la6ZuLOsl35sRJhkOuRLE1vsc5049doi5-e2SqUxtrARyxyoiQ&z=YmkNBwALbwUKGENLAA_Jtt06dHJyyFqgZhk33w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:43 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3203377
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame D847 0
0 122ms
41ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kurgEo3GMAAAh_pXGAIAAAD_UVLQOKldMCvlr5wQBw1pYhJPJSdME5C43uDfABIDAQ&wp=YmkNBwALbwUKGENLAA_Jtt06dHJyyFqgZhk33w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 536284
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2

200

i Show response
ipds.adrta.com/ Frame D847
Redirect Chain

https://adrta.com/i?cb=62690d074f1227254c1390b8dee0df00&clid=co&paid=co&avid=2378&caid=307306&plid=11117110&publisherId=141477&kv1=0X0&kv2=&kv3=cf3c9643-95fc-46b3-809c-407ec62c8b75&kv4=2a02:8c8:c10...
https://ipds.adrta.com/i?__x=KCFPNCIIDGEICG@IKJNGHNJNIJMKMNMHKMCGLJFHLFNPJNIKCNMJKMNKLNPMNMKFJHPI@HNKGEJINMKPJL@HJPFJHMILLPPFHKJMG@IMJHHKGLMLOIMCFAE@H&cb=62690d074f1227254c1390b8dee0df00&clid=co&pa...

43 B
210 B

110ms
100ms

Fetch
image/gif

52.5.198.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ipds.adrta.com/i?__x=KCFPNCIIDGEICG@IKJNGHNJNIJMKMNMHKMCGLJFHLFNPJNIKCNMJKMNKLNPMNMKFJHPI@HNKGEJINMKPJL@HJPFJHMILLPPFHKJMG@IMJHHKGLMLOIMCFAE@H&cb=62690d074f1227254c1390b8dee0df00&clid=co&paid=co&avid=2378&caid=307306&plid=11117110&publisherId=141477&kv1=0X0&kv2=&kv3=cf3c9643-95fc-46b3-809c-407ec62c8b75&kv4=2a02:8c8:c10::&kv7=314&kv11=62690d074f1227254c1390b8dee0df00&kv12=795405&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web&url=http://vskidku.com.ua&seller_id=pub-5560340847493480
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=286&slotname=2835195835&adk=204702715&adf=4066743136&pi=t.ma~as.2835195835&w=300&lmt=1651051783&rafmt=11&psa=0&format=300x286&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783545&bpp=1&bdt=1207&idt=73&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1095&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7g32Plrpyy&p=http%3A//vskidku.com.ua&dtd=75
Protocol: H2
Server: 52.5.198.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-198-190.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:44 GMT
cache-control: no-cache
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ipds.adrta.com/i?__x=KCFPNCIIDGEICG@IKJNGHNJNIJMKMNMHKMCGLJFHLFNPJNIKCNMJKMNKLNPMNMKFJHPI@HNKGEJINMKPJL@HJPFJHMILLPPFHKJMG@IMJHHKGLMLOIMCFAE@H&cb=62690d074f1227254c1390b8dee0df00&clid=co&paid=co&avid=2378&caid=307306&plid=11117110&publisherId=141477&kv1=0X0&kv2=&kv3=cf3c9643-95fc-46b3-809c-407ec62c8b75&kv4=2a02:8c8:c10::&kv7=314&kv11=62690d074f1227254c1390b8dee0df00&kv12=795405&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web&url=http://vskidku.com.ua&seller_id=pub-5560340847493480
date: Wed, 27 Apr 2022 09:29:44 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D847 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSyz6Bw1pYoXeLcuGYbaTv8gI5I_SsVy_2_2IiAHAjbcBEAEgAGC7BoIBF2NhLXB1Yi01NTYwMzQwODQ3NDkzNDgwoAG91IjrA8gBCakCT5MrhCIatT6oAwGqBLcBT9A6EJYZOjgAPCAOWVR-ezdNPd19lmnv4jG8TGzImNic_f-EehQrCGp9LMX0uFNdAtlljC7o5oxrJtcKUwLUaWvRprb6t840BDRBhwCGkuaUZRZbY-avwrqM7-EMLKX_pz1ouQ5RnOIp2jM44SwYQsZL6h3wi1pNpsW8WV2GDYypM0OTrj1UZbcyUVd8d-TkfGiBmUplg-PT6oHg7bynrrofImY5fkOC1yVtUu1XyWx9BsCytt2NgAbtiarMyIPH9xugBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NTYwMzQwODQ3NDkzNDgwGAA&sigh=6_HwTMDW3WM&uach_m=[UACH]&cid=CAQSGwCNIrLMC9ZWV8iC3eSkIJ37mwAjdlyEa8EEUBgB&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=286&slotname=2835195835&adk=204702715&adf=4066743136&pi=t.ma~as.2835195835&w=300&lmt=1651051783&rafmt=11&psa=0&format=300x286&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783545&bpp=1&bdt=1207&idt=73&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1095&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7g32Plrpyy&p=http%3A//vskidku.com.ua&dtd=75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 27 Apr 2022 09:29:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D847 18 KB
18 KB 103ms
34ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fimages%2Fstaticbanners%2Ftotaljobs%2Ftotaljobsimg.png&ups=1&v=3&w=800&s=1I8DBEJgW7haqCFGTSOd6cM0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6a6283ff886732f7521c37e1f09a987d0135eaf2d7e3f0a54edf255131ce72bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:29:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30758026
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 18044
expires: Tue, 18 Apr 2023 09:23:31 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D847 16 KB
16 KB 115ms
38ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ru

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 70063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 14:02:01 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D847 15 KB
15 KB 116ms
40ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ru

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 574272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 17:58:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D847 9 KB
9 KB 129ms
52ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ru

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:29:47 GMT
x-content-type-options: nosniff
age: 439197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Apr 2023 07:29:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D847 15 KB
15 KB 137ms
60ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=ru

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 459803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 01:46:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9850 143 B
163 B 38ms
37ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5560340847493480&output=html&h=286&slotname=2835195835&adk=204702715&adf=4066743136&pi=t.ma~as.2835195835&w=300&lmt=1651051783&rafmt=11&psa=0&format=300x286&url=http%3A%2F%2Fvskidku.com.ua%2F&wgl=1&dt=1651051783545&bpp=1&bdt=1207&idt=73&shv=r20220425&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=198141109701&frm=20&pv=1&ga_vid=1859273188.1651051783&ga_sid=1651051784&ga_hid=1924496618&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1095&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067068%2C31067235%2C44762570&oid=2&pvsid=482307673982534&pem=424&tmod=1232595153&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=7g32Plrpyy&p=http%3A//vskidku.com.ua&dtd=75
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 09:09:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame D038 23 KB
23 KB 126ms
85ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular|EB+Garamond:regular|Lato:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 58950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 17:07:14 GMT

GET
DATA 200
OK truncated
/ Frame D847 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e836df396494f2595095a2999a9329dcac0acf0c211eca1a967e88c38a880dd3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9850
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

91ms
90ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 09:29:44 GMT
expires: Wed, 27 Apr 2022 09:29:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 09:29:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8484 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 20:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 20:39:33 GMT

GET
H3 200 tissot-02.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/ Frame D038 65 KB
65 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/tissot-02.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ca5e152edcf24af3286e0b04fe7fae34d1b973de5bdff3f70e86d3acc16a58b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 195263
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66225
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 17:31:01 GMT
server: sffe
date: Mon, 25 Apr 2022 03:15:21 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Apr 2023 03:15:21 GMT

GET
H3 200 tissot-01.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/ Frame D038 51 KB
51 KB 49ms
48ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/tissot-01.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c69ac57375d148d93526fd3255e26a88be396eea00d28642d8ad5abb75139479

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 195263
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51953
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 17:31:01 GMT
server: sffe
date: Mon, 25 Apr 2022 03:15:21 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Apr 2023 03:15:21 GMT

GET
H3 200 chisholm-hunter-logo-secondary.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/ Frame D038 11 KB
4 KB 47ms
47ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/chisholm-hunter-logo-secondary.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f211c17aad363105a1c503188d7920fae4a37e738a25e0c96869ed7873d56f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 195263
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4162
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 17:31:01 GMT
server: sffe
date: Mon, 25 Apr 2022 03:15:21 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Apr 2023 03:15:21 GMT

GET
DATA 200
OK truncated
/ Frame D038 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 chisholm-hunter-logo-secondary.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/ Frame D038 11 KB
4 KB 39ms
39ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4322387679531499520/chisholm-hunter-logo-secondary.svg

Requested by

Host: vskidku.com.ua
URL: http://vskidku.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f211c17aad363105a1c503188d7920fae4a37e738a25e0c96869ed7873d56f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 195263
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4162
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 17:31:01 GMT
server: sffe
date: Mon, 25 Apr 2022 03:15:21 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Apr 2023 03:15:21 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E56B 42 B
64 B 153ms
73ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmCNzE6ew89ZkEei2PlESrX21yibRZlSOa7tLKDs3EFuDxcJdWQP9Ju6m8Nqiy3DIczuduMpCwAxklczesNW_-WRMhEje99MBDK_a1i4cu_g20_8PPZg&sai=AMfl-YTTdy5hssrGb9c22y6IHVrdg933HlTb-uXH9juro147PPXo66H6bLj1o6BDIrPD3-A6U5_lSWpEhxvC&sig=Cg0ArKJSzGr3HHsy7ooPEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3649808460&rs=2&la=0&cr=0&vs=4&r=v&rst=1651051783616&rpt=884&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D847 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1ET8Wfyf-FabPTPrxQdTjAy02Kv-VY7u-AP-anInG5lTj6ijsetp097v0sgpm0qDCMda476t6Hl1y8qIkjwcLxA&sig=Cg0ArKJSzPY0idOohN1VEAE&id=lidar2&mcvt=1000&p=0,0,572,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&vu=1&app=0&itpl=14&adk=204702715&rs=2&la=0&cr=0&vs=4&r=v&rst=1651051783621&rpt=1311&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 36729285 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 230ms
229ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/36729285?wmode=0&wv-part=1&wv-hit=1072892489&page-url=http%3A%2F%2Fvskidku.com.ua%2F&rn=464587745&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1651051786%3Aw%3A1600x1200%3Av%3A790%3Az%3A0%3Ai%3A20220427092946%3Au%3A1651051783786273160%3Avf%3Aa8mjecanfhquhrotpwxk%3Awe%3A1%3Ast%3A1651051786&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:46 GMT
last-modified: Wed, 27-Apr-2022 09:29:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:46 GMT

POST
H2 200 36729285 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 77ms
76ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/36729285?wmode=0&wv-part=1&wv-hit=1072892489&page-url=http%3A%2F%2Fvskidku.com.ua%2F&rn=1062590371&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1651051787%3Aw%3A1600x1200%3Av%3A790%3Az%3A0%3Ai%3A20220427092946%3Au%3A1651051783786273160%3Avf%3Aa8mjecanfhquhrotpwxk%3Awe%3A1%3Ast%3A1651051787&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vskidku.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 09:29:46 GMT
last-modified: Wed, 27-Apr-2022 09:29:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://vskidku.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 27-Apr-2022 09:29:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.acint.net
URL: https://www.acint.net/aci.js

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.w.uptolike.com/	1970-01-20 20:08:43	Name: utl_id2 Value: 27163240538
.w.uptolike.com/	1970-01-20 20:08:43	Name: utl_dat Value: "CN/G69KGMBAAIN+XttuGMCjfl7bbhjAwAIyCKnxRiYrd0lRBCSciJA8="
.vskidku.com.ua/	1970-01-20 11:23:07	Name: _ym_uid Value: 1651051783786273160
.vskidku.com.ua/	1970-01-20 11:23:07	Name: _ym_d Value: 1651051783
.vskidku.com.ua/	1970-01-20 20:08:43	Name: _ga Value: GA1.3.1859273188.1651051783
.vskidku.com.ua/	1970-01-20 02:38:58	Name: _gid Value: GA1.3.1777608294.1651051783
.vskidku.com.ua/	1970-01-20 02:37:31	Name: _dc_gtm_UA-42492266-3 Value: 1
prodmp.ru/	1970-01-20 04:47:07	Name: rai Value: 79e1ffaa0e0724ee3544ee6cef0a4d5f
.yandex.ru/	1970-01-20 11:23:07	Name: ymex Value: 1682587783.yrts.1651051783#1682587783.yrtsi.1651051783
.yandex.ru/	1970-01-20 11:23:07	Name: yandexuid Value: 9247566481651051783
.yandex.ru/	1970-01-20 11:23:07	Name: yuidss Value: 9247566481651051783
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1623135761651051783
.yandex.ru/	1970-01-23 18:13:31	Name: i Value: ePpu6ugW+ewvuQJJpAoxNBDTTJzpnD1DtTK0isL3Q65HsL7FWEF8v6JS2zDfjxAKBNXZdGZaIPtCUFThhhimoLUcP7U=
.vskidku.com.ua/	1970-01-20 02:38:43	Name: _ym_isad Value: 2
.vskidku.com.ua/	1970-01-20 11:59:07	Name: __gads Value: ID=693408c1162259e1-2260cd9f82cd00d3:T=1651051783:RT=1651051783:S=ALNI_MY7-3lxFyd3ffTPSGjw2qbUvkIy3g
.vskidku.com.ua/	1970-01-20 02:37:33	Name: _ym_visorc Value: w
dmpprof.com/	1970-01-20 12:37:31	Name: uid Value: 9d9e3644-885a-49ac-b7a9-369958eb3e8d
.mc.webvisor.org/	1970-01-20 02:37:32	Name: sync_cookie_csrf Value: 4050838852fake
.uuidksinc.net/	1970-01-20 11:23:07	Name: jcsuuid Value: dKI2wTmnMboQJir7iXnT
.admixer.net/	1970-01-20 04:47:07	Name: am-uid Value: 33020e151afd4710ab83a405186dab25
dmpprof.com/	1970-01-20 02:57:41	Name: enrich_data_v2_5 Value: 1651051783
vskidku.com.ua/	1970-01-20 20:08:43	Name: GN_USER_ID_KEY Value: a46f2aef-812f-4d37-8196-f41a4a382f12
vskidku.com.ua/	1970-01-20 02:37:33	Name: GN_SESSION_ID_KEY Value: 168492c8-29ed-4fd7-b7be-1fc40dc2934d
.mc.yandex.ru/	1970-01-20 02:37:32	Name: sync_cookie_csrf Value: 329043329fake
dprof.site/	1970-01-20 12:37:31	Name: uid Value: 9d9e3644-885a-49ac-b7a9-369958eb3e8d
.webvisor.org/	1970-01-27 09:49:31	Name: yandexuid Value: 9247566481651051783
.webvisor.org/	1970-01-27 09:49:31	Name: yuidss Value: 9247566481651051783
.mc.webvisor.org/	1970-01-20 02:38:58	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 11:59:07	Name: IDE Value: AHWqTUn-ys4XVxPHjyAiz80pXhLqX5wHYqkNIW5rVT29feLlXgp5VqHtXFl5YrIEXBc
.doubleclick.net/	1970-01-20 02:37:35	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://an.yandex.ru/meta/986395?target-ref=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&pcode-test-ids=551983%2C0%2C66%3B574030%2C0%2C43%3B572084%2C0%2C23%3B574180%2C0%2C19%3B574178%2C0%2C44%3B574185%2C0%2C25%3B574183%2C0%2C4%3B564895%2C0%2C92%3B406668%2C0%2C56%3B574104%2C0%2C-1&pcode-flags-map=eJyVV8Fu2zgQ%2FZWFz8GCIiVR6o2SaJsIRaokZcctCqLb9Z6CxaKbFgsU%2FfcdSrIdyQnd5ODEgd7j8M3Mm9GPFVesktzXuuG19futcFwK61bvPv5Yff%2F8%2BO24erdypueru9XT8d8n8Sd8T3GJsnL189PdqhF2wDd8zXrpvNvylnvedu7gm94wJ7S6yUXJwNXyRjC%2FFkBXCQdY7jsjtBHAtWa102bGhH5H4Se5YksHtp2WPYRS9c5p5ZkS7XUw4%2BWvCOhA0Cux1gZQvwIZ1ai3TG1ATCnqe5DC6H6z9VJvRD3jgLtAJKfQTneccRJMMR44pwTtunJKUlzONKFl8hx4URXSK9zWt5aHr44b36sGPlnVeK3k4QZxluJJWWbhUmrj%2BUPn15LBH8ujvDt0V9nzICcUihWGN6cMx8%2BkJE%2FIK2feOGxGnCxZcX5mnWLfasUPnXaghLctk9J33NRcxTshQykmo9yGv%2B%2B5dX7XMojQ6NYfGMj74E0fp8CU4PGSdqv3XrKKy0sUY5HEGQhKUHm%2BkO3Njh%2BgWNSOG%2BhI7RXfe9bUhkMH7Pj0wIxyJxqu55xJXiRnziu0B267bKfveZmUf8FlYkQhKGGh7IRaay%2BFuo9fDqqOZMtsTUFo2QCjP8cmFFS1YtK3uullvLiyLEOEnomDRnUQHPSa%2BtPxhxvZB4oifd5svbJ912njoMKlZqG7bG1E57w1td8zo4Ta3OCkWUrfXPPQWVs5t4YkuOOMOic0Lc7UrR5vyYQEdK3DZ8ckd%2BC7irVz9aTYbJ2vNjM%2BShC9pMa60aheKIyM4qLIF9gsH2NhzVo%2F%2BBb02QkrKiHDhSCwwUVnNMf%2F%2FpkbLyUEnbx6kjsowdruOe7p67fjDFaQcoKBFVobSnGJuT7rDHox3gpC3is%2Bs52PUPk5pnc4g3GZwa%2BiKJI7kqVJUdxhUmYk%2FMoQze9wnqYpucMIQ9ZOjxBU5jnAKSpRAnCapsWnmZGVCUqmmLzlXHldQWft5mGsjn9%2F%2FuPxOB8vOS7HIlsLuAvcf8uHDCsXlyHNyDRePnCFPTg5%2BPlGeZz49wRKgHeeRAkyjMvR7Tro2tp54yrQH3yAR3EUl9kYca17Ndjaw9ZEIQUtpol1dmLf6JYJFYNBPjCZxkNwxVActW4r7de9lNDNoHMUn4Cdo7O2ldH3kBjQ1W%2BMaOJImhX5iwF72LOcEVUUDrWTj%2Ffdi2bDXYi8CztDFEXSJKGXjIZLwp7QwKIAG9Mmjk2TtEAX7GkZrLQJrWhYI3r72y8yHFi47XhNz%2BSeHWwcSU6LTrPuoBBtpxW0sxMt1%2F3ct%2FHSCNMUkVGpQZ8wK%2B1y1F%2BdlwHNMwMwPDjO6bzg0XF4Sim%2Bhot1GGD7YJ%2B36uoVhlMAOyb7WbYIehl93vhDTQvVQZI9M2387DyZuvbmAF9CM4TScUhIDvMPxo6BIcGMYAvB8RI2pXfRhYbDGG1gvv5iO4YxP%2BWaGRuWVMcu5cKNgYEBK%2FpzjmyGL1CKJsOapi2Y%2FU7wfZjz0aNzmk8zw4oPMGm4snDYZWpEwRTl2QRuGexxrbZM1EEHu2UNLIrgDHECGC3l9ZvAyGbjTnTBBntudD9UzPBac6vQL9CgkVewZdTw6iHaTRyGQaxn1Y0eEHQG68JeFy%2FNsiyKBXBYCOewL4%2FHz1%2FnhZHk00QxvIPnx839tMaztRtK3GgpZ0S1kwuasji1hm3ul8MXpjYic%2FcZ%2FzOOMmVFM5wztCGX8PasnA1ZdsINVtocXquYNZOWL0Q87aNbqNQPWjk2vEqEc2DRvHovukoC7B1jZEOT129G0zET02r5xpOzCQuCqHPuw6B%2FCwk5CzshfNtLJyqm1LiML%2FP55elx3rRpUWavLnqxvRLl%2BbTSbgyr8K1QUXp51geDmFlQglHs%2BRfGXJK9iPj5P3qtKH0%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=LatSAaweCo1zqhzFD0W%2B7jc%2BD99KiR5aBnY13XeV4qSaXxh0H%2BqoOqGIsT4p3RZUrP5z%2BYHCjcYUiIWPT0pyjF02vU0%3D&duid=MTY1MTA1MTc4Mzc4NjI3MzE2MA%3D%3D&imp-id=8&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=451401062809602&ad-session-id=6189161651051784020&target-id=45495917&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fvskidku.com.ua&top-ancestor-undetermined=0&pcode-version=573237&pcodever=573237&flash-ver=0&available-width=1600&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A1002%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=2368&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMjd9CkKntIwsqeshGKijQ3EdvZlFn-PMkqgiiy6qiHPT1kmVpi23jeHEE2v_bPOW5lmaX_qltaaKOWfHZx_HgB4V4ArEGDVN2sbWnZfMceAIIQwFMUYYXrcB17AcgsZpnH6oI2xYB4GzEP2QfEfQ-A1CYzXISyQ4aN7pkC5YP9QROoQNo3FPzR4KrIP4toOkN-ifg_QrnIbp4FOjYvSlMnc-0GM9NcZMwvk69vb4gE97I36DtMNpz-rUFA2-g9-gTP2c9-H2KRBR_yKrDkTRqZVSVxwrlNK0yBRKN3HjVAHAZqJU1Y5KceoWPSrEKbk6S73cTwI3CSN1z8PITSOXXN3gOghnNndL5jeIjoCqz9nchvOGWy-vQXBwHQTHx2kQX_hpEPTpC_yktEU_2aVj1dFsB3-Lnc-_hfhkSOhSmnKeDb9eftxIaoJvynobNv1vjYucuhsBG7QTCawXvsj9_oPXG5R3ETh4Ezcsh_ANhIsZ4_vCv_RUH6yt-OD7EGty426enAapPysEjxOHmb3J6b-PXK1SKFU1WPIwI6oBSv2ex4XnkaujglRe-L2Cl2QJcZqVbhioFcosIWXiFRdJVIrTSGSi2VCfOPVNNPbQ2vikhZFc7hdR1uMwkqkVpJ4kySQiyjwUU4oKpap4TZ9Kv-ulPmmSp9PhZcpkcdoDURyXfiKTup_gBUVk4fHLMIqJ1IoGczyR-xj-3gnXXPOjDuphmoBhjktz9s7q7krVjjSnTJp4iTx-g6xMovgpdSZ1LLOp1Yr-hsw5yjq9ju0NkFfPmqCz1427nSAjLRuiPmruUjy1lDhPA5fxGc0HmCh8P0_zRc7W4dIw8ErPPbp9aS-2ksxkPZ7AT8WJSFwWQ-Udgyg2EMaJt53jxCouM9WauKlYV9lrRObL1cZs4mTH6jd6rZ_OjRNxIZv8f2VA5-PSIgtJXmokqUSLcJUHBw0k0EEBuYMaigORm_per4cExi5gNXeVKDZ-xFwkS-I3KCfw1prxiKPIMk_cJF3sUlQKAF_730NRfQiFAvz1_jFRmJP3QxKz00ehzvPzMC6JvRKMvqA9cUmxIXzIgT3qg_D2uL0BOq0WzfOO7Gq8TZFHdzb8SXUtH8GtmeY1eF_l7qFaV4GZkyt60rgG9P_AsG_DdvB-kOYVuBvzteplA2yCiGk_OpZa-1w4_5O7yF7z8lg09gEwHcRXJJC1rHBG5V3PwlhxX-sG7KtBAm25wf5BvJHKNa8CNXI3Z-Rs1pW8RrcD8rlttO8tWv6BtUL-VYhQm_PAnMKqnKxxDcaI83dYratA_OSL7FqXAR9EsroRnK-CfsNpGWCta9A2ZHd8LC2OD23LedCvZbQuQrVNJ3_Dpu1aqPa1K49rKgiqdQ_PITA3qjp49HRgaeuU2C3z61OT_Cl3o36AMvCvr_yVbHlVImOIUHyGWrMUplGh0osZpU1q0mkr7JZXNJGlDoNBxNxua1GMowghQ95ZdYroavN5VelhhcrGqQpj1o1cOEPqWFV3pD4oHOue-5E4DxThstsLfFWgoEp9n361t3TsYaNH-S0D7eCj6MZ06NQDWRi6RjmTtsgPEJJO1VxmjBOeiYpIbDzPC_OkiEuSJJOlrvG4vZTfR8OuxV5Rjcn92gz-SEpVHGLPq8Ll7icnvLH3FWH9b0K0mdzq4nqul8rI93JoCtojfPPMswXTfrxgeOqhEDCH00cVcynAn1GaWJocUbLC64p3igar-qnQ8pdKA2drmHI-hz3mRsA8lfbxxhWYkx_GiRFVF_oG3vS1v19b_5_ONVIahDGdY4NrAOAth0SXP8JVJtX19fnvTyw918SzJcHKRZmO4VJVH8celyY8ezL-OlIXz8FdacxKxBFW5pW9nYfteg7s_tX73SUzzAF24FvOdBPu5MojLf4LpzYiZEhog4Jzk4SWnv2Kx-xVFtXGbGDhbDZUZ6o8CdHwv4Mf_VWj0UIvlgw08pCjBBMlym6ah7ZRNfoP5aUkmyMYulUQDz1_YaPXUC1mg2vIi-gdyih1SUJforaZRl0tKqYdpcWLeyL5mg55avJEEr9YJsDS29Iky9Lo6pbJHKHvA68JezxvjS-3WuZqk-jgpHPGS80etw5OB5t6gaAJG1d3OFnoiy2-Q08u80NRQNO0mInomMDo3Fwl75kfBgcHAVnlMJEVIjd8bII4dVM1et5tHoO2EmI8Jqza8Kngoh4P0q9W9miV18IPHcTLH1txxItaB8--QphYAjOkpTQSL4gLojKPQ-_ZgshImdY43VywPpLBeZTyOMwljJcq7FTVwGcD-A%3D%3D&uniformat=true&callback=Ya%5B8419320228065%5D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://an.yandex.ru/meta/986395?target-ref=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&pcode-test-ids=551983%2C0%2C66%3B574030%2C0%2C43%3B572084%2C0%2C23%3B574180%2C0%2C19%3B574178%2C0%2C44%3B574185%2C0%2C25%3B574183%2C0%2C4%3B564895%2C0%2C92%3B406668%2C0%2C56%3B574104%2C0%2C-1&pcode-flags-map=eJyVV8Fu2zgQ%2FZWFz8GCIiVR6o2SaJsIRaokZcctCqLb9Z6CxaKbFgsU%2FfcdSrIdyQnd5ODEgd7j8M3Mm9GPFVesktzXuuG19futcFwK61bvPv5Yff%2F8%2BO24erdypueru9XT8d8n8Sd8T3GJsnL189PdqhF2wDd8zXrpvNvylnvedu7gm94wJ7S6yUXJwNXyRjC%2FFkBXCQdY7jsjtBHAtWa102bGhH5H4Se5YksHtp2WPYRS9c5p5ZkS7XUw4%2BWvCOhA0Cux1gZQvwIZ1ai3TG1ATCnqe5DC6H6z9VJvRD3jgLtAJKfQTneccRJMMR44pwTtunJKUlzONKFl8hx4URXSK9zWt5aHr44b36sGPlnVeK3k4QZxluJJWWbhUmrj%2BUPn15LBH8ujvDt0V9nzICcUihWGN6cMx8%2BkJE%2FIK2feOGxGnCxZcX5mnWLfasUPnXaghLctk9J33NRcxTshQykmo9yGv%2B%2B5dX7XMojQ6NYfGMj74E0fp8CU4PGSdqv3XrKKy0sUY5HEGQhKUHm%2BkO3Njh%2BgWNSOG%2BhI7RXfe9bUhkMH7Pj0wIxyJxqu55xJXiRnziu0B267bKfveZmUf8FlYkQhKGGh7IRaay%2BFuo9fDqqOZMtsTUFo2QCjP8cmFFS1YtK3uullvLiyLEOEnomDRnUQHPSa%2BtPxhxvZB4oifd5svbJ912njoMKlZqG7bG1E57w1td8zo4Ta3OCkWUrfXPPQWVs5t4YkuOOMOic0Lc7UrR5vyYQEdK3DZ8ckd%2BC7irVz9aTYbJ2vNjM%2BShC9pMa60aheKIyM4qLIF9gsH2NhzVo%2F%2BBb02QkrKiHDhSCwwUVnNMf%2F%2FpkbLyUEnbx6kjsowdruOe7p67fjDFaQcoKBFVobSnGJuT7rDHox3gpC3is%2Bs52PUPk5pnc4g3GZwa%2BiKJI7kqVJUdxhUmYk%2FMoQze9wnqYpucMIQ9ZOjxBU5jnAKSpRAnCapsWnmZGVCUqmmLzlXHldQWft5mGsjn9%2F%2FuPxOB8vOS7HIlsLuAvcf8uHDCsXlyHNyDRePnCFPTg5%2BPlGeZz49wRKgHeeRAkyjMvR7Tro2tp54yrQH3yAR3EUl9kYca17Ndjaw9ZEIQUtpol1dmLf6JYJFYNBPjCZxkNwxVActW4r7de9lNDNoHMUn4Cdo7O2ldH3kBjQ1W%2BMaOJImhX5iwF72LOcEVUUDrWTj%2Ffdi2bDXYi8CztDFEXSJKGXjIZLwp7QwKIAG9Mmjk2TtEAX7GkZrLQJrWhYI3r72y8yHFi47XhNz%2BSeHWwcSU6LTrPuoBBtpxW0sxMt1%2F3ct%2FHSCNMUkVGpQZ8wK%2B1y1F%2BdlwHNMwMwPDjO6bzg0XF4Sim%2Bhot1GGD7YJ%2B36uoVhlMAOyb7WbYIehl93vhDTQvVQZI9M2387DyZuvbmAF9CM4TScUhIDvMPxo6BIcGMYAvB8RI2pXfRhYbDGG1gvv5iO4YxP%2BWaGRuWVMcu5cKNgYEBK%2FpzjmyGL1CKJsOapi2Y%2FU7wfZjz0aNzmk8zw4oPMGm4snDYZWpEwRTl2QRuGexxrbZM1EEHu2UNLIrgDHECGC3l9ZvAyGbjTnTBBntudD9UzPBac6vQL9CgkVewZdTw6iHaTRyGQaxn1Y0eEHQG68JeFy%2FNsiyKBXBYCOewL4%2FHz1%2FnhZHk00QxvIPnx839tMaztRtK3GgpZ0S1kwuasji1hm3ul8MXpjYic%2FcZ%2FzOOMmVFM5wztCGX8PasnA1ZdsINVtocXquYNZOWL0Q87aNbqNQPWjk2vEqEc2DRvHovukoC7B1jZEOT129G0zET02r5xpOzCQuCqHPuw6B%2FCwk5CzshfNtLJyqm1LiML%2FP55elx3rRpUWavLnqxvRLl%2BbTSbgyr8K1QUXp51geDmFlQglHs%2BRfGXJK9iPj5P3qtKH0%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=LatSAaweCo1zqhzFD0W%2B7jc%2BD99KiR5aBnY13XeV4qSaXxh0H%2BqoOqGIsT4p3RZUrP5z%2BYHCjcYUiIWPT0pyjF02vU0%3D&duid=MTY1MTA1MTc4Mzc4NjI3MzE2MA%3D%3D&imp-id=11&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=451401062809602&ad-session-id=6189161651051784020&target-id=81551487&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fvskidku.com.ua&top-ancestor-undetermined=0&pcode-version=573237&pcodever=573237&flash-ver=0&available-width=1600&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&grab-orig-len=2368&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMjd9CkKntIwsqeshGKijQ3EdvZlFn-PMkqgiiy6qiHPT1kmVpi23jeHEE2v_bPOW5lmaX_qltaaKOWfHZx_HgB4V4ArEGDVN2sbWnZfMceAIIQwFMUYYXrcB17AcgsZpnH6oI2xYB4GzEP2QfEfQ-A1CYzXISyQ4aN7pkC5YP9QROoQNo3FPzR4KrIP4toOkN-ifg_QrnIbp4FOjYvSlMnc-0GM9NcZMwvk69vb4gE97I36DtMNpz-rUFA2-g9-gTP2c9-H2KRBR_yKrDkTRqZVSVxwrlNK0yBRKN3HjVAHAZqJU1Y5KceoWPSrEKbk6S73cTwI3CSN1z8PITSOXXN3gOghnNndL5jeIjoCqz9nchvOGWy-vQXBwHQTHx2kQX_hpEPTpC_yktEU_2aVj1dFsB3-Lnc-_hfhkSOhSmnKeDb9eftxIaoJvynobNv1vjYucuhsBG7QTCawXvsj9_oPXG5R3ETh4Ezcsh_ANhIsZ4_vCv_RUH6yt-OD7EGty426enAapPysEjxOHmb3J6b-PXK1SKFU1WPIwI6oBSv2ex4XnkaujglRe-L2Cl2QJcZqVbhioFcosIWXiFRdJVIrTSGSi2VCfOPVNNPbQ2vikhZFc7hdR1uMwkqkVpJ4kySQiyjwUU4oKpap4TZ9Kv-ulPmmSp9PhZcpkcdoDURyXfiKTup_gBUVk4fHLMIqJ1IoGczyR-xj-3gnXXPOjDuphmoBhjktz9s7q7krVjjSnTJp4iTx-g6xMovgpdSZ1LLOp1Yr-hsw5yjq9ju0NkFfPmqCz1427nSAjLRuiPmruUjy1lDhPA5fxGc0HmCh8P0_zRc7W4dIw8ErPPbp9aS-2ksxkPZ7AT8WJSFwWQ-Udgyg2EMaJt53jxCouM9WauKlYV9lrRObL1cZs4mTH6jd6rZ_OjRNxIZv8f2VA5-PSIgtJXmokqUSLcJUHBw0k0EEBuYMaigORm_per4cExi5gNXeVKDZ-xFwkS-I3KCfw1prxiKPIMk_cJF3sUlQKAF_730NRfQiFAvz1_jFRmJP3QxKz00ehzvPzMC6JvRKMvqA9cUmxIXzIgT3qg_D2uL0BOq0WzfOO7Gq8TZFHdzb8SXUtH8GtmeY1eF_l7qFaV4GZkyt60rgG9P_AsG_DdvB-kOYVuBvzteplA2yCiGk_OpZa-1w4_5O7yF7z8lg09gEwHcRXJJC1rHBG5V3PwlhxX-sG7KtBAm25wf5BvJHKNa8CNXI3Z-Rs1pW8RrcD8rlttO8tWv6BtUL-VYhQm_PAnMKqnKxxDcaI83dYratA_OSL7FqXAR9EsroRnK-CfsNpGWCta9A2ZHd8LC2OD23LedCvZbQuQrVNJ3_Dpu1aqPa1K49rKgiqdQ_PITA3qjp49HRgaeuU2C3z61OT_Cl3o36AMvCvr_yVbHlVImOIUHyGWrMUplGh0osZpU1q0mkr7JZXNJGlDoNBxNxua1GMowghQ95ZdYroavN5VelhhcrGqQpj1o1cOEPqWFV3pD4oHOue-5E4DxThstsLfFWgoEp9n361t3TsYaNH-S0D7eCj6MZ06NQDWRi6RjmTtsgPEJJO1VxmjBOeiYpIbDzPC_OkiEuSJJOlrvG4vZTfR8OuxV5Rjcn92gz-SEpVHGLPq8Ll7icnvLH3FWH9b0K0mdzq4nqul8rI93JoCtojfPPMswXTfrxgeOqhEDCH00cVcynAn1GaWJocUbLC64p3igar-qnQ8pdKA2drmHI-hz3mRsA8lfbxxhWYkx_GiRFVF_oG3vS1v19b_5_ONVIahDGdY4NrAOAth0SXP8JVJtX19fnvTyw918SzJcHKRZmO4VJVH8celyY8ezL-OlIXz8FdacxKxBFW5pW9nYfteg7s_tX73SUzzAF24FvOdBPu5MojLf4LpzYiZEhog4Jzk4SWnv2Kx-xVFtXGbGDhbDZUZ6o8CdHwv4Mf_VWj0UIvlgw08pCjBBMlym6ah7ZRNfoP5aUkmyMYulUQDz1_YaPXUC1mg2vIi-gdyih1SUJforaZRl0tKqYdpcWLeyL5mg55avJEEr9YJsDS29Iky9Lo6pbJHKHvA68JezxvjS-3WuZqk-jgpHPGS80etw5OB5t6gaAJG1d3OFnoiy2-Q08u80NRQNO0mInomMDo3Fwl75kfBgcHAVnlMJEVIjd8bII4dVM1et5tHoO2EmI8Jqza8Kngoh4P0q9W9miV18IPHcTLH1txxItaB8--QphYAjOkpTQSL4gLojKPQ-_ZgshImdY43VywPpLBeZTyOMwljJcq7FTVwGcD-A%3D%3D&uniformat=true&callback=Ya%5B5228843718822%5D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://an.yandex.ru/meta/986395?target-ref=http%3A%2F%2Fvskidku.com.ua%2F&charset=utf-8&pcode-test-ids=551983%2C0%2C66%3B574030%2C0%2C43%3B572084%2C0%2C23%3B574180%2C0%2C19%3B574178%2C0%2C44%3B574185%2C0%2C25%3B574183%2C0%2C4%3B564895%2C0%2C92%3B406668%2C0%2C56%3B574104%2C0%2C-1&pcode-flags-map=eJyVV8Fu2zgQ%2FZWFz8GCIiVR6o2SaJsIRaokZcctCqLb9Z6CxaKbFgsU%2FfcdSrIdyQnd5ODEgd7j8M3Mm9GPFVesktzXuuG19futcFwK61bvPv5Yff%2F8%2BO24erdypueru9XT8d8n8Sd8T3GJsnL189PdqhF2wDd8zXrpvNvylnvedu7gm94wJ7S6yUXJwNXyRjC%2FFkBXCQdY7jsjtBHAtWa102bGhH5H4Se5YksHtp2WPYRS9c5p5ZkS7XUw4%2BWvCOhA0Cux1gZQvwIZ1ai3TG1ATCnqe5DC6H6z9VJvRD3jgLtAJKfQTneccRJMMR44pwTtunJKUlzONKFl8hx4URXSK9zWt5aHr44b36sGPlnVeK3k4QZxluJJWWbhUmrj%2BUPn15LBH8ujvDt0V9nzICcUihWGN6cMx8%2BkJE%2FIK2feOGxGnCxZcX5mnWLfasUPnXaghLctk9J33NRcxTshQykmo9yGv%2B%2B5dX7XMojQ6NYfGMj74E0fp8CU4PGSdqv3XrKKy0sUY5HEGQhKUHm%2BkO3Njh%2BgWNSOG%2BhI7RXfe9bUhkMH7Pj0wIxyJxqu55xJXiRnziu0B267bKfveZmUf8FlYkQhKGGh7IRaay%2BFuo9fDqqOZMtsTUFo2QCjP8cmFFS1YtK3uullvLiyLEOEnomDRnUQHPSa%2BtPxhxvZB4oifd5svbJ912njoMKlZqG7bG1E57w1td8zo4Ta3OCkWUrfXPPQWVs5t4YkuOOMOic0Lc7UrR5vyYQEdK3DZ8ckd%2BC7irVz9aTYbJ2vNjM%2BShC9pMa60aheKIyM4qLIF9gsH2NhzVo%2F%2BBb02QkrKiHDhSCwwUVnNMf%2F%2FpkbLyUEnbx6kjsowdruOe7p67fjDFaQcoKBFVobSnGJuT7rDHox3gpC3is%2Bs52PUPk5pnc4g3GZwa%2BiKJI7kqVJUdxhUmYk%2FMoQze9wnqYpucMIQ9ZOjxBU5jnAKSpRAnCapsWnmZGVCUqmmLzlXHldQWft5mGsjn9%2F%2FuPxOB8vOS7HIlsLuAvcf8uHDCsXlyHNyDRePnCFPTg5%2BPlGeZz49wRKgHeeRAkyjMvR7Tro2tp54yrQH3yAR3EUl9kYca17Ndjaw9ZEIQUtpol1dmLf6JYJFYNBPjCZxkNwxVActW4r7de9lNDNoHMUn4Cdo7O2ldH3kBjQ1W%2BMaOJImhX5iwF72LOcEVUUDrWTj%2Ffdi2bDXYi8CztDFEXSJKGXjIZLwp7QwKIAG9Mmjk2TtEAX7GkZrLQJrWhYI3r72y8yHFi47XhNz%2BSeHWwcSU6LTrPuoBBtpxW0sxMt1%2F3ct%2FHSCNMUkVGpQZ8wK%2B1y1F%2BdlwHNMwMwPDjO6bzg0XF4Sim%2Bhot1GGD7YJ%2B36uoVhlMAOyb7WbYIehl93vhDTQvVQZI9M2387DyZuvbmAF9CM4TScUhIDvMPxo6BIcGMYAvB8RI2pXfRhYbDGG1gvv5iO4YxP%2BWaGRuWVMcu5cKNgYEBK%2FpzjmyGL1CKJsOapi2Y%2FU7wfZjz0aNzmk8zw4oPMGm4snDYZWpEwRTl2QRuGexxrbZM1EEHu2UNLIrgDHECGC3l9ZvAyGbjTnTBBntudD9UzPBac6vQL9CgkVewZdTw6iHaTRyGQaxn1Y0eEHQG68JeFy%2FNsiyKBXBYCOewL4%2FHz1%2FnhZHk00QxvIPnx839tMaztRtK3GgpZ0S1kwuasji1hm3ul8MXpjYic%2FcZ%2FzOOMmVFM5wztCGX8PasnA1ZdsINVtocXquYNZOWL0Q87aNbqNQPWjk2vEqEc2DRvHovukoC7B1jZEOT129G0zET02r5xpOzCQuCqHPuw6B%2FCwk5CzshfNtLJyqm1LiML%2FP55elx3rRpUWavLnqxvRLl%2BbTSbgyr8K1QUXp51geDmFlQglHs%2BRfGXJK9iPj5P3qtKH0%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=LatSAaweCo1zqhzFD0W%2B7jc%2BD99KiR5aBnY13XeV4qSaXxh0H%2BqoOqGIsT4p3RZUrP5z%2BYHCjcYUiIWPT0pyjF02vU0%3D&duid=MTY1MTA1MTc4Mzc4NjI3MzE2MA%3D%3D&imp-id=12&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=451401062809602&ad-session-id=6189161651051784020&target-id=23266829&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fvskidku.com.ua&top-ancestor-undetermined=0&pcode-version=573237&pcodever=573237&flash-ver=0&available-width=300&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A2%7D&grab-orig-len=2368&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMjd9CkKntIwsqeshGKijQ3EdvZlFn-PMkqgiiy6qiHPT1kmVpi23jeHEE2v_bPOW5lmaX_qltaaKOWfHZx_HgB4V4ArEGDVN2sbWnZfMceAIIQwFMUYYXrcB17AcgsZpnH6oI2xYB4GzEP2QfEfQ-A1CYzXISyQ4aN7pkC5YP9QROoQNo3FPzR4KrIP4toOkN-ifg_QrnIbp4FOjYvSlMnc-0GM9NcZMwvk69vb4gE97I36DtMNpz-rUFA2-g9-gTP2c9-H2KRBR_yKrDkTRqZVSVxwrlNK0yBRKN3HjVAHAZqJU1Y5KceoWPSrEKbk6S73cTwI3CSN1z8PITSOXXN3gOghnNndL5jeIjoCqz9nchvOGWy-vQXBwHQTHx2kQX_hpEPTpC_yktEU_2aVj1dFsB3-Lnc-_hfhkSOhSmnKeDb9eftxIaoJvynobNv1vjYucuhsBG7QTCawXvsj9_oPXG5R3ETh4Ezcsh_ANhIsZ4_vCv_RUH6yt-OD7EGty426enAapPysEjxOHmb3J6b-PXK1SKFU1WPIwI6oBSv2ex4XnkaujglRe-L2Cl2QJcZqVbhioFcosIWXiFRdJVIrTSGSi2VCfOPVNNPbQ2vikhZFc7hdR1uMwkqkVpJ4kySQiyjwUU4oKpap4TZ9Kv-ulPmmSp9PhZcpkcdoDURyXfiKTup_gBUVk4fHLMIqJ1IoGczyR-xj-3gnXXPOjDuphmoBhjktz9s7q7krVjjSnTJp4iTx-g6xMovgpdSZ1LLOp1Yr-hsw5yjq9ju0NkFfPmqCz1427nSAjLRuiPmruUjy1lDhPA5fxGc0HmCh8P0_zRc7W4dIw8ErPPbp9aS-2ksxkPZ7AT8WJSFwWQ-Udgyg2EMaJt53jxCouM9WauKlYV9lrRObL1cZs4mTH6jd6rZ_OjRNxIZv8f2VA5-PSIgtJXmokqUSLcJUHBw0k0EEBuYMaigORm_per4cExi5gNXeVKDZ-xFwkS-I3KCfw1prxiKPIMk_cJF3sUlQKAF_730NRfQiFAvz1_jFRmJP3QxKz00ehzvPzMC6JvRKMvqA9cUmxIXzIgT3qg_D2uL0BOq0WzfOO7Gq8TZFHdzb8SXUtH8GtmeY1eF_l7qFaV4GZkyt60rgG9P_AsG_DdvB-kOYVuBvzteplA2yCiGk_OpZa-1w4_5O7yF7z8lg09gEwHcRXJJC1rHBG5V3PwlhxX-sG7KtBAm25wf5BvJHKNa8CNXI3Z-Rs1pW8RrcD8rlttO8tWv6BtUL-VYhQm_PAnMKqnKxxDcaI83dYratA_OSL7FqXAR9EsroRnK-CfsNpGWCta9A2ZHd8LC2OD23LedCvZbQuQrVNJ3_Dpu1aqPa1K49rKgiqdQ_PITA3qjp49HRgaeuU2C3z61OT_Cl3o36AMvCvr_yVbHlVImOIUHyGWrMUplGh0osZpU1q0mkr7JZXNJGlDoNBxNxua1GMowghQ95ZdYroavN5VelhhcrGqQpj1o1cOEPqWFV3pD4oHOue-5E4DxThstsLfFWgoEp9n361t3TsYaNH-S0D7eCj6MZ06NQDWRi6RjmTtsgPEJJO1VxmjBOeiYpIbDzPC_OkiEuSJJOlrvG4vZTfR8OuxV5Rjcn92gz-SEpVHGLPq8Ll7icnvLH3FWH9b0K0mdzq4nqul8rI93JoCtojfPPMswXTfrxgeOqhEDCH00cVcynAn1GaWJocUbLC64p3igar-qnQ8pdKA2drmHI-hz3mRsA8lfbxxhWYkx_GiRFVF_oG3vS1v19b_5_ONVIahDGdY4NrAOAth0SXP8JVJtX19fnvTyw918SzJcHKRZmO4VJVH8celyY8ezL-OlIXz8FdacxKxBFW5pW9nYfteg7s_tX73SUzzAF24FvOdBPu5MojLf4LpzYiZEhog4Jzk4SWnv2Kx-xVFtXGbGDhbDZUZ6o8CdHwv4Mf_VWj0UIvlgw08pCjBBMlym6ah7ZRNfoP5aUkmyMYulUQDz1_YaPXUC1mg2vIi-gdyih1SUJforaZRl0tKqYdpcWLeyL5mg55avJEEr9YJsDS29Iky9Lo6pbJHKHvA68JezxvjS-3WuZqk-jgpHPGS80etw5OB5t6gaAJG1d3OFnoiy2-Q08u80NRQNO0mInomMDo3Fwl75kfBgcHAVnlMJEVIjd8bII4dVM1et5tHoO2EmI8Jqza8Kngoh4P0q9W9miV18IPHcTLH1txxItaB8--QphYAjOkpTQSL4gLojKPQ-_ZgshImdY43VywPpLBeZTyOMwljJcq7FTVwGcD-A%3D%3D&uniformat=true&callback=Ya%5B4996239468824%5D Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adrta.com
adservice.google.co.uk
adservice.google.com
an.yandex.ru
api.gravitec.media
api.sypexgeo.net
cat.fr.eu.criteo.com
cdn.gravitec.media
cdn.gravitec.net
cdn.jsdelivr.net
cdn.sendpulse.com
cdnjs.cloudflare.com
dmpprof.com
dprof.site
earzow.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
inv-nets.admixer.net
ipds.adrta.com
ipinfo.io
m.trafmag.com
mc.webvisor.org
mc.yandex.ru
newrrb.bid
pagead2.googlesyndication.com
partner.googleadservices.com
pdayyocpnvh.ru
pix.eu.criteo.net
prodmp.ru
rtb.fr.eu.criteo.com
rum-static.pingdom.net
s.uuidksinc.net
stats.g.doubleclick.net
tpc.googlesyndication.com
vskidku.com.ua
w.uptolike.com
www.acint.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yastatic.net
yso70kwbuo.com
www.acint.net
142.250.186.66
146.0.227.109
149.5.244.108
178.250.0.139
178.250.0.160
193.106.95.134
193.200.65.6
2606:4700:10::6816:3668
2606:4700:3031::6815:22c2
2606:4700::6810:5714
2606:4700::6811:190e
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:2638::2
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a02:6ea0:c700::2
31.220.27.134
34.117.59.81
45.133.44.3
52.174.47.89
52.5.198.190
85.143.213.169
85.192.12.170
85.192.12.174
88.99.125.123
95.163.114.204
99.83.154.118
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
05c0cc9650ecc54076120a3346e0431eeea14fdf33f300a41cb18f4efb5bfd54
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0e3baed415ccaeee8ad69314d0f51df053c4c5deeb9a1edabb2e52699493189f
138a884dc4661fbbcf2cdb052fbbbbcbf2f8221cc7f8c0843f83e2d88ab559c5
13c15e7db90ed71b48e52a998ffebac1ee689194e92432933df181dd09b42f71
15dda6b402fd9a7ed1bc325966352797900fc4e0389f512380617c188325a169
17e7f7ea76d9b50b0676b66a26c656cf81d16f80b71dc888f252dd0326edc280
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e508a9583f7eed5aaf6ab887e2a95f01855809251830231b765a3d59e43d96c
1fc1c04e61c0654c571b864e441c63070556fd8d4402c8edaaa12b45d4bd83d0
2346f0a21cf0bd04d9f34d297e8c0e735cd4aaa70f90b3f8e82f5ffef175eba6
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a
2ac5cb4721b26faf71da95d8825d855ec7e2588558733e84fd724fe2f21928f1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b840c2c8a24de1cc8ef553d34437c6b4ac11edee846f9b962947b1faf4a7604
2bed2666f08daedf5d70c6c9b19e39007aa88940211fd8306eeac840bc7d530d
2ca5e152edcf24af3286e0b04fe7fae34d1b973de5bdff3f70e86d3acc16a58b
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
2ea6618abdce92dcab2fc38778627cddd734f8a35c889483f6c47cf3f1b6713a
3045b5c998d76c75f480b2e91388b6adef07205004129c0b8dffee745b4aa77e
31fdd4b2c9c5254db6dd7fcec76f191fadbeee0fad138715546aaf5545ced770
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34800344c715c0af51ec856df57439df269002bbb776cb5d5da9ef0118cdce91
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
36bef81e56c6ee7968d93456b16905574ff5d2e7e18157b6fd56efd701914e24
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3ad2a46886e7a9d95349aae4c08d45ce7af674c3f88c1c7c745540df72329158
3fe4972a8d59f40d2f761e3e621cac2966162266c9f35886e3744424234ab627
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49c6c841d5bd1e51eff23b42740159344c0d024be2b1b50e49710ec1a118704c
4b30cf0459b1fa06f73614d7afebbeddf2559b55185e42b9db35cf51533a6d8d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e866bcf0d0aed2ab9ad34f5520f9e9569744b0f8da4bc2caf05b0105fe0e199
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
568920cbbc0f572d97377ad018096308178c111ac8a37eb93bd1257f36619bdf
57678535ca0798d3a0a117d35604d5a64208fd6f7a16251e29d1588d858c68af
57ee998a095764ce5290ce326da03e5f305f2d38d2540bc7c862315506b67297
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d4c78c0ad5487b0aa5f152f0e495b65464925810123afe32d8c646dd85a77b5
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
66c58fd2f4fe6a45a6bc4324358819acf1ca53d29ef276013c2ddda8e369d666
6a6283ff886732f7521c37e1f09a987d0135eaf2d7e3f0a54edf255131ce72bd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7013f99f1846cbc3ad0de1323b7b3ed55f957722409b2e9c010a11f251f2c467
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
737cbc10029b4d0623f768fa0471ad254a891f421a336679512995fe3afee987
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
84e1248dbd3e792ecd076e5d5dc7efe17a2a8434fa49832e92daeb6b34f4ff41
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b57a0fad813caad701e6b690dd6029efd84a05dad6fa2241be71c277fcd432f
8c67e1a148bb84dc758090fcf97d00013d90239bd060e6c8db9971a26053d5bd
8d270adc96922766fd7af68c5230c0cb984f91f2aa98246023cc7d47d15874e7
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8f5ed3c282caf986d767d034fc09b2154c15556e7a7aeaa843c84580ea2edad1
935936e9d677c9260ee36c96b1005abf61cbeaf8f18856258e9321f506e877a8
9972c1d6e20b850874167ce02c076f58481dac8e1a4a86a2fc56699fefd9f2c8
9f11e5f9c5ead6607cd5bfe9cfc2968a6f6539da2ff2c3442118641295a689f0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a34e6ac091a3de786ebb20bbe43211e7197a6267367669330a229cd6be5b5ad0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f211c17aad363105a1c503188d7920fae4a37e738a25e0c96869ed7873d56f
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b16a15d8820edaf9bacdd5a07160bc6303154d7992daa068ae69dab39e5fe748
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b93b564a019bf8151a91abec8a6430bc313620cee0b2837aecf15e53f2c7fae9
b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbd4ef5e970dcf319aafa1587afc3305f264a6cf3ec4a0e991afb643d6868471
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c0a32ca11ec6dbbde67ebeb05ad0bd1ef57061375a6fe2d7032c4af4c49099e5
c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec
c394a024bc6ef1c54fda0ef289476bbf3334b0c18364c273349b361fa186bade
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c69ac57375d148d93526fd3255e26a88be396eea00d28642d8ad5abb75139479
c8c8da579e363feab54671fa5c1c823c37d416198e69f59b78b3e6a8a875d73a
c9bd4b89988c4f887f63cb9d8304af55631de00ad8de5fe3f0269b6859c1184d
cbd4d3027f4036e91fe38460913bf1be0725c71d674b2b892e5a25c0e39b3844
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce8d1a304b574fa77746fa075fe083364ab565db3c2c3e9e93f11e5323e2cf8c
d5978a9436ccbc413745269336b71d6460b2ddaa49eb8e6f4310bdb164f4e272
d7d1b7e2ac0fbcca5429f40266fc8b610b192e9db278480eab58de2f285e95c1
df792d285829eaad90114f18665ccf83222910a8ff68aaf9c5dc10b97a93208e
dfc3892aeb7a998ebeb2eb3ed7f64295c008d8ec3e7456159e6575b2bf1bbad3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5899ac40c0c8c8a4cad594af3863ff8d8c2a4a9c561af1b59605b50748119f5
e836df396494f2595095a2999a9329dcac0acf0c211eca1a967e88c38a880dd3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f1b1ddd4b73ae9ff6982270e53480ae2957f0d1f8e96887f6c1d7992878faf1a
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f34ade6dc0d499b5ca315d3fbf64325e8f61215e96af8d0c21cfe8c31f87f7e2
f6907f18fe198e91fdb2210035c29ef6487b034439d4fec354f3a07e9cc299d8
fa4f4e8bd3e82a154dc1c4e3c1b8af337749e6528758fdab2e3ed18668ae681a
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a
ff67ee8a25e1cdd185a2ca450e0d86b5c28e5c861e58dd4d419528f732631136

vskidku.com.ua Open in urlscan Pro 85.143.213.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

136 Requests

73 %HTTPS

55 %IPv6

37 Domains

45 Subdomains

39 IPs

7 Countries

2427 kBTransfer

5174 kBSize

30 Cookies

0 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

vskidku.com.ua Open in urlscan Pro
85.143.213.169 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

73 %
HTTPS

55 %
IPv6

37
Domains

45
Subdomains

39
IPs

7
Countries

2427 kB
Transfer

5174 kB
Size

30
Cookies

136 HTTP transactions
3 data transactions