sum.in.ua Open in urlscan Pro
195.242.161.64 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://sum.in.ua/
Submission: On September 27 via api (September 27th 2022, 4:03:40 am UTC) from GB — Scanned from GB

Summary HTTP 102 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 25 domains to perform 102 HTTP transactions. The main IP is 195.242.161.64, located in Ukraine and belongs to FORTUNE-AS, UA. The main domain is sum.in.ua.

This is the only time sum.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	195.242.161.64 195.242.161.64	47434 (FORTUNE-AS) (FORTUNE-AS)
17	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 3	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1 1	104.18.2.81 104.18.2.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.3.81 104.18.3.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1 2	54.77.210.17 54.77.210.17	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
3 9	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.239.111 3.123.239.111	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:58c::1ec4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2600:9000:249... 2600:9000:2491:1600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f13:800... 2600:1f13:800:7781:14d1:10cc:3c25:3c47	16509 (AMAZON-02) (AMAZON-02)
102	30

6 195.242.161.64 (Ukraine)

ASN47434 (FORTUNE-AS, UA)

sum.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.2.81 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.3.81 (None, )

ASN13335 (CLOUDFLARENET, US)

i.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.210.17 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-210-17.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.239.111 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:58c::1ec4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

secure.insightexpressai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2491:1600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f13:800:7781:14d1:10cc:3c25:3c47 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	411 KB
19	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307	96 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 774 static.adsafeprotected.com — Cisco Umbrella Rank: 575 dt.adsafeprotected.com — Cisco Umbrella Rank: 527	108 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	55 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438	5 KB
6	sum.in.ua sum.in.ua	130 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	3 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5376	1 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9373	2 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1728	1 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	42 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	88 KB
2	i.ua 1 redirects r.i.ua — Cisco Umbrella Rank: 161004 i.i.ua — Cisco Umbrella Rank: 479621	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	89 KB
1	insightexpressai.com secure.insightexpressai.com — Cisco Umbrella Rank: 1118	2 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	457 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 648	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1505	351 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 638	761 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1020	464 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	643 B
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 142080	762 B
102	25

	Domain	Requested by
17	pagead2.googlesyndication.com	sum.in.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com sum.in.ua
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
8	s0.2mdn.net	sum.in.ua s0.2mdn.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sum.in.ua
6	sum.in.ua	sum.in.ua
4	dt.adsafeprotected.com	googleads.g.doubleclick.net
4	static.adsafeprotected.com	googleads.g.doubleclick.net srcdoc
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	googleads4.g.doubleclick.net	sum.in.ua
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.uk	pagead2.googlesyndication.com
3	counter.yadro.ru	2 redirects sum.in.ua
2	ssum-sec.casalemedia.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	fw.adsafeprotected.com	1 redirects sum.in.ua
2	www.google.com	tpc.googlesyndication.com sum.in.ua
2	www.googletagservices.com	googleads.g.doubleclick.net sum.in.ua
2	connect.facebook.net	sum.in.ua connect.facebook.net
1	secure.insightexpressai.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.facebook.com	connect.facebook.net
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.hit.ua	sum.in.ua
1	i.i.ua	sum.in.ua
1	r.i.ua	1 redirects
102	34

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
www.i.ua
hit.ua

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-06` - `2022-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.insightexpressai.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-14` - `2023-03-15`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 16 frames:

Primary Page: http://sum.in.ua/
Frame ID: 28873DB614424B616D8CCA0CB43593EE
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1664251415&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1664251415627&bpp=23&bdt=386&idt=289&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&abxe=1&correlator=985173508698&frm=20&pv=2&ga_vid=204786926.1664251416&ga_sid=1664251416&ga_hid=135998982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067825&oid=2&pvsid=638782561523430&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qNHbZqSDB7&p=http%3A//sum.in.ua&dtd=308
Frame ID: BFDAF3DCFDA165F114D9DE6EF58C647B
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f159b31e6442%26domain%3Dsum.in.ua%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsum.in.ua%252Ff115d73d5bff144%26relation%3Dparent.parent&container_width=734&href=http%3A%2F%2Fsum.in.ua%2F&layout=standard&locale=uk_UA&sdk=joey&share=true&show_faces=true&size=small
Frame ID: 0C0D71D38C3C81821577B5D3AE198E3C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 700199E9C1D72316CB423847C5D23A17
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
Frame ID: 9802F0FF0B22B4ABFDB35D874A8F8A1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&adk=1812271804&adf=3025194257&lmt=1664251417&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1664251417421&bpp=2&bdt=2181&idt=2&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D568ae8eeec68eec2-22eeaf2a30ce0094%3AT%3D1664251416%3ART%3D1664251416%3AS%3DALNI_MYEg4stTFGu-4jxoiWgmyiVGToK6w&prev_slotnames=6868198912&nras=1&correlator=985173508698&frm=20&pv=1&ga_vid=204786926.1664251416&ga_sid=1664251416&ga_hid=135998982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067825&oid=2&psts=APxP-9BHWd_6MPj3o-mlnHlI1Kw3EYLL_wMbd9TN-mRvDFtKIAmawK5JF6x16m6K31tj94i6wi-In-ZsHcGJVxXkvw&pvsid=638782561523430&tmod=268187778&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=22
Frame ID: 4E22B08688BA4A4A7970FE16B46637E4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC3C9E3D38BDF7DAAD9E7AFDBC36C8AA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 752B2F4B4BFC908759E3C69DDEC72EC0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6068B291297F5594F2777541885D220F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMYlbqtzAEwAQ&v=APEucNXal_lBlVdjMiWHAZzPss58JKC4wkaorOMFE0x1Lx54j3YXic1w6frGRpJ-29C0It1_BWDY2SrQEthYhpkarSft7qzwAC4T_CGAUrS86YxYYb-fcM_TzdwcpuRHtxnOg7uT4qZnRN2HhgyXDSZmEd68V_p21G2mPnd75TyA71Nm-W-F3KQ
Frame ID: D88E0089A80ED54C78ADD40C474EDCC7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COo-g4qmN2jczs31znGmOA4Ljl6xVc83tJSZytg2AaPpaXBF34GfBwcklueDLiwHsV4gYln9xRdZmQ94bOEm4ATKXbb9Z1Px8GjCIYuDdHZC8hcr1j5oASFjeRCh7vvlAq6KeVL6Kt-xV3c3i6r_ihQ6plUyW7I-CiDUdNVjUCeguStqE&dbm_d=AKAmf-Amr7TnKfqQGdkoFpWcfVYFWG2c3GILZx02xwrH25mxCWCINz_wRcpY8Ai2JxG6_JvMNEHZGrRig17RqvOXQxDVCMqqXHI6Fi60R2q5OUDRXGyXQRkFpMcogFt_8xzm6QZGTizILi-WO9RIuVAopf53mq9H1yImVFh79VP38A0xre1BEBXfJinzo0nq3BUmxi1dPJv1w0yY9-cwb1Y3ckoJllR-akJXmB-G-dxmgFvPK11TpejibWodacyB-tr-71rVYa5YBds9LUe3b4iEKEGTFhwYjV0WK7uNQLI71l_NzUWyaM4BytI3WYb8FFIpTxGD-3NC6AaQannSKZ_-Xm86m2pLY9WsbUlm_D4xoafNO2jFHP_BFJ3QWv2h0_G-82bgN_6Cz0kaJLdhSwArSgd_l4zcZbwSM-E3pWC_C0q4dkZLDTeQne0mlYB0SD9pEG0pkJMKT4X_z0TOC_EeatPTsr6BXm-H2obz9dxSVAkJiewI3fTk4HD7PTYoR0e-wYYEkjf-RsonVsihtKaGoX0Jsn15WluF933X435PPQrONZYkWclgQQBpykhvWfsJE8nHu4VWkqm8tC3T5bXVu98a7dAeHWWXvOINyGDU0dRktEYJbsp3rqjgpPK-vRQ-frAeS1u7AwxhU00uH3m9OBtt0lLA01RlZ9fanRtYwtNoijGz5hXgOaCUHGRhvmfSc7MBBNsLY6sM7SmPHW4rJWY5WDcgww-q374nF1woC9OqAcR--LvuzSlF_FdqFys-4AjWZEaEUXWo6-gtX0VqIHS5V5Xn5P8GCAgA6mhpHbi2ntIqhgg9IG-ETks3jnSAVUfPRIrCydk_3pDLVpQuJzaYtclrGiq60hUQTrzM-cxVIEorjDKIB4KRQMpBx7XeaWj-LIsPBaqjxwntrYPMqFgM3ivhr9WtDwAY9DUyARyEHo5RkmX5BmHTk-adz_xPAWjVLa-lHwmCCDvI0g1-6NLKtaNjjPRvdwGtN_FPdwC8-BKCL8y-GsLLTK9-y_A44Mexr0I2Nhl-_e75ulk0s7RojoirFV19hrvQr-7YlxurOn7i8mjrjZ9A43qIebeTFEPDmS_e-SYgUFRlQ2u8rQHWLnWx2JE0flD9q5kHH9mL5bNtakFM9qn9z0F5yd_gmDA08CLO-sKBXmBl-QwslBQ04MDneSDQVb05ddnuNsIGeT9PpTHDSvprOW23ITDnAeVH6TE1lxBPenxMZ0XUzTRsTcZoe7Cr9WUbLjR9nyhL0mDtTmlUQEgzNmy21_qj6TUyCtga9OfOWLJ8h8durWHOpttCMoPwQ9AEU1kJv9yP5QytKgFinWVDNpJVgkNZYhHPPGprc2IP77D2tIqHU_ymTdyXp4b_Cmpqjz4dhgUAJaiApECyZntUilW5es9_KXcmdpb8c9RLe3uaWghuZS3UtSI0jmgjBERMd92yJwlPpyXtSPYzt2jqAID9EramrjTaCl6dsydxp2qgWC9b2qQnXieOVF_KdQ8fKy60-YSPt3wpBeL13-zX57Vfs0mZwlqEtYeNok5XXE9otrbo-cawCPKCPh0Ox-4_egWvEUZ5uFxkck5lfAnlqaJf4K0qYTt5Ac0mq3WhHYjP3wgg_5-ihfXcgOakDOJWrHQ_gYJJ7cFadvxGqNMW9jtQY0_G6kjhjbtPYEzEglJbWt4JCMD4okXzn99PBxOQttSRGagR3-5W-cf1yPqW0WWk4gBAtlEZYQNANUX40558Cjvb-NLLo_QZLxUMCogB4YgzC5c0B5dEM95Q80ZenpNNtbjkbn-8kStuKbGYoQq457C5pB0lxyyWQDVNPc5WMBRaLrRC72m0JdYHkGB40M5nSlc_AEf6CdYd344z1IHdAmwO10TrYbA-Pf_NHNZiT8pwTJqw_Ex2PneMvnRd8bVhtY-0lxm4y1o9hrDUx6-SEWx_zvQP5XMBpcJHaRUdXXqZ4BqOKdvnlUhVdUtFEGZQ3sp-CP63WhgzKa6kbYVUgoasFh9LmU-oefsmCVp76W9p8XTcxT5Z4qdvjFo5hkRMw7B9hN4rt90cfzA-lbrc44pCzHmo6gHPH_PyNLWTx24NY2D0N9ECMQPLuFnwCy8kZrh3_kN1JYILj6_-LsSVxQBS4yOVhdZhXNWROODjj_q0cmvAVrBGEqJNyyRvBGEO41pUkPF-5Dh3dXpNwGzvQl6cBtA9yyhZTtyLYVzpThFOtxFGX-5uY66KODmuGuSit3ehMBmlhySL1QaOtUu0tsm6VgCNfbqKo-_uSHTxNTbKzbr_uDqCz2UV-kZGNdDmcQ16jr-IzytjywBATV9qjzG-K-ebvAef3xltE_CFszIEsJbYAE7frm-ZU5ouVdgvKaJVwzM8SHuNRyGDTfnxpDPoEKWvYOT4cnEL0YqU0E5r-doxTDldfhsjo2XKCFglHEXy1g0ATgCaj4E3w8ZVmMRQiGdGW388vxs1BIoDhXtnO3qPOeO-xfa8BPrpMcJVlOyxl-mK_AEgIOoaEtmwoAyyu-nqjvQ1Tg57aXyyaFZnv6sjbR0-QwOhDnIOIbp6q2CvI5MdboMaD9SlYVNXShNjkHXN-_zjDnlGnL5c3-AedtvC9qfaX0Lt8i8ZjZHovNkwQfo9g9jSgfjzexSkMGcNMufqGSlSRuB4vgUHT1kflYd0ijTS_iVnZ7Pzbo49THXC72dthrXjbKwB0l0jYbvZV9fRjdCZVLNtEBRrJN1YeJ6WvcirGMhogN6GUqqrSUcjm9StIauzMyyJC91HHsCKK0FfbR3CPBn4OYKvjUwc0w4uYEht-FdZaPvu3bxJuw7d_wEG7vVwNdiHsPcAq20YoMlku5QOqwwA3aZSp-xsnP0ZkftMJjepN7eW2ZanPKpvH2ufkiueS4zsf7AgTYIZI9XItmGLcAAgeiO4FOtFYGULHiZ0zF2ViJM0xaz_8glP2P0LA-jhL9YKium7ykIJS934-z9nbrJ9wt5FJGY_guDnUxByPRpc3A3Kx1WyhMvzGNZxqpUDWnF5ZODp_la5GUkKzJ7Fb9OOUvRWwiFph4Mueh_1FgKgGezrsPjtF-okZYnQcseo6fwMxh_a4dJ0e5yuQ7i55f_vZkOMGxc1l34QXBW-BxVPowoAH3ue1TAn3oISBNRBbhiRHRMHd3x2jNafWpC7Dwtgs-kKwBA0TFFObDOuDfRnGPgAQErqF2dTE_r0b3MY60S2bPlKWpWGkGiT-1qglrnnviAXDwUxDx65xg76k8p7sHAsjScHeo8wiUMQufw-4BIysIMgxfHHtN2u_mz55MEgo2ms9byg6HcBUmS0DcerjTR21gToBuvFhYkjEnCOwvq6bvBaErnc5KClGnWfwMbQmO6HoB_-p9ENjm6D_NkOxrFfRGPNfB-fHwkFGYzlyLJrAYpyi5L7iivCzvz6wN9H3yCSCwSe56CsUe84hYKk2sd_NnHsTXUrbapUrFL5Lz74iNEVjCYablsVMrWAmDixgU0JiDkMUhS_KnrcNuE&cid=CAASJORoK1oTEsmV4phCDntASfSJhHlHvz9p5bqF_DD_-qmXvEMzcA&rfl=2%2Chttp%253A%252F%252Fsum.in.ua%252F%240
Frame ID: 2F0C4B358B8D8EED3188C7D26293E2FA
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 439009FBF4C8757ACF0A47A1F3B66C2F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 274EBF3E000B932D3B123538A179E3FA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/6526861/1654786520717/index.html
Frame ID: CD6FF058745C6FA14011D079C0300F07
Requests: 14 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 30F0CE2F5CBFB227D871A9A807BA095C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_728x90.js
Frame ID: E04F003A6198CF2CD84EB964B766861A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Академічний тлумачний словник української мови

Detected technologies

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

102
Requests

74 %
HTTPS

53 %
IPv6

25
Domains

34
Subdomains

30
IPs

6
Countries

1035 kB
Transfer

2650 kB
Size

30
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://www.i.ua/
Title:

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=80114
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://connect.facebook.net/uk_UA/sdk.js HTTP 307
https://connect.facebook.net/uk_UA/sdk.js

Request Chain 8

http://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.6418755062932822 HTTP 302
https://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.6418755062932822 HTTP 302
https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.6418755062932822

Request Chain 9

http://r.i.ua/s?u122537&p268&n0.7978545856272496&c1&d24&w1600&h1200&rsum.in.ua/ HTTP 302
https://i.i.ua/r/3_3_5.png

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpX5w7i38krfGBHOhRi064&google_cver=1

Request Chain 64

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzJ2GjMoHve-psxSP-M46QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpX5w7i38krfGBHOhRi064&google_cver=1

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM2S64hx_a5-caUhLq8oepE&google_cver=1

Request Chain 66

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU0NDQ5MzEzNzA3NTQ2MTMxMQ%3D%3D

Request Chain 69

https://d.agkn.com/pixel/2175/?google_gid=CAESECPp7xI78NtRb1em5DgCHGQ&google_cver=1&google_push=AZmPxg-bO2Brk372YGKfbfyTToJ0lQhPaa6fIMvH_1RgQ_c0JvmOfkkOLaLo9UoW38m_0lh7QFWRpm9_QbdFhAqstvwLeGe5apIm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-bO2Brk372YGKfbfyTToJ0lQhPaa6fIMvH_1RgQ_c0JvmOfkkOLaLo9UoW38m_0lh7QFWRpm9_QbdFhAqstvwLeGe5apIm&google_hm=Q0FFU0VDUHA3eEk3OE50UmIxZW01RGdDSEdR

Request Chain 70

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-bG4Q3eoJ9EOzm4w43uaLBWzadvE0UOAf1btG5WX9IHhCRFcf_XPZgXCq0jyuWnIO9sfiL6gPkpLHfYM6LhbGrPR6PZRnW&google_gid=CAESEGdswwX80_ha6llAhSI3TOI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-bG4Q3eoJ9EOzm4w43uaLBWzadvE0UOAf1btG5WX9IHhCRFcf_XPZgXCq0jyuWnIO9sfiL6gPkpLHfYM6LhbGrPR6PZRnW&google_gid=CAESEGdswwX80_ha6llAhSI3TOI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjcwNDAzMzkwMDA0NzUwNDY3ODQ0NA%3D%3D&google_push=AZmPxg-bG4Q3eoJ9EOzm4w43uaLBWzadvE0UOAf1btG5WX9IHhCRFcf_XPZgXCq0jyuWnIO9sfiL6gPkpLHfYM6LhbGrPR6PZRnW

Request Chain 73

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFLcDs5Cy6mnBC-6npc63i0&google_cver=1&google_push=AZmPxg_1ECpSH8oUo5HXVM_bC01BFE5SWdmUy9rh1hiwkUFi6AFDmF4UrS3hTCzFJA2TU2xup_bIglL8R5z-WqM93gBrfPWTXlwS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhKT0JQNzYtVi1IWEhZ&google_push=AZmPxg_1ECpSH8oUo5HXVM_bC01BFE5SWdmUy9rh1hiwkUFi6AFDmF4UrS3hTCzFJA2TU2xup_bIglL8R5z-WqM93gBrfPWTXlwS

Request Chain 74

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAJ90j4RN_lADOMw3kvO9wc&google_cver=1&google_push=AZmPxg8RlzUUh_v76NPT8R4Hz4Mq-ByB2oO34Dfzga_Yw4Oe4-eeKqxNM4NYqJ1nOFQdgWiXFcOonKnPcMXZaN_VhEXGl6m--YiR HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAJ90j4RN_lADOMw3kvO9wc&google_push=AZmPxg8RlzUUh_v76NPT8R4Hz4Mq-ByB2oO34Dfzga_Yw4Oe4-eeKqxNM4NYqJ1nOFQdgWiXFcOonKnPcMXZaN_VhEXGl6m--YiR&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAJ90j4RN_lADOMw3kvO9wc&google_hm=YzJ2GlD1rG0EdUVxatkKmgAAES8AAAAB&google_nid=index&google_push=AZmPxg8RlzUUh_v76NPT8R4Hz4Mq-ByB2oO34Dfzga_Yw4Oe4-eeKqxNM4NYqJ1nOFQdgWiXFcOonKnPcMXZaN_VhEXGl6m--YiR

Request Chain 80

https://fw.adsafeprotected.com/rfw/st/1072894/63765042/4.js?ias_dspID=3&ias_campId=29077561&ias_pubId=pub-2843374221922515&ias_chanId=1&ias_placementId=17445309813&bidurl=http://sum.in.ua/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0hFpeL8uZAlzSqbj0rVnpvH&adContainerId=brand_safety_GnYyY_jLEKWk3gPulI3oDg&cbFunctionName=goog_wrapCb_GnYyY_jLEKWk3gPulI3oDg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fsum.in.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fsum.in.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220922%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220922%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-2843374221922515%26fa%3D1%26ifi%3D3%26uci%3Da!3%26xpc%3DKI3p8CmhtV%26p%3Dhttp%253A%2F%2Fsum.in.ua&adsafe_type=be&adsafe_jsinfo=,id:7d41f236-b496-f643-32da-19817938aab5,c:pnSIRY,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b97f7975-dxqzn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:3,mot:0,app:0,maw:0,fm:tiBvlDI+111%7C12%7C13%7C14%7C15%7C161*.1072894-63765042%7C1611%7C1612%7C16131%7C1614,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:25,oid:5db216b4-3e19-11ed-95bc-562d8d26e57a,v:19.8.352,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

102 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sum.in.ua/ 9 KB
10 KB 466ms
392ms Document
text/html 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) / PHP/5.3.6
Resource Hash: 547e8cafa00f6daef035a1465080bf078e7216bcb040fe8edb02f271fa997ac3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Language: ru
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Sep 2022 04:03:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=3, max=15
Pragma: no-cache
Server: Apache/2.2.23 (CentOS)
Transfer-Encoding: chunked
X-Powered-By: PHP/5.3.6

GET
H/1.1 200
OK common.css
sum.in.ua/com/ 14 KB
14 KB 73ms
73ms Stylesheet
text/css 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/common.css
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: a7f6aed9a2e37888c99c97353c3b1997aec04b09d99d670ce1733f300469c774

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 04:03:35 GMT
Last-Modified: Mon, 19 Jun 2017 16:31:43 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0c2f-36b7-55252ab982951"
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=3, max=14
Content-Length: 14007

GET
H/1.1 200
OK computer.css
sum.in.ua/com/ 424 B
736 B 147ms
74ms Stylesheet
text/css 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/computer.css
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: 18a41619ac0b9b7d25741313f55151cf18b28117735027d22ecdcd2b377c768f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 04:03:35 GMT
Last-Modified: Mon, 07 Apr 2014 12:12:24 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0721-1a8-4f672c7b9ba98"
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=3, max=15
Content-Length: 424

GET
H/1.1 200
OK mootools.js Show response
sum.in.ua/com/ 92 KB
93 KB 147ms
73ms Script
application/x-javascript 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/mootools.js
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: 44fb20bc2899c2dcd9df5ff8cb4148c13eed1b9772cf3aea696f0120dea7e4c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 04:03:35 GMT
Last-Modified: Tue, 02 Apr 2013 19:18:16 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0877-170eb-4d965996fae00"
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Keep-Alive: timeout=3, max=13
Content-Length: 94443

GET
H/1.1 200
OK ajax-nc19.js Show response
sum.in.ua/com/ 10 KB
11 KB 148ms
74ms Script
application/x-javascript 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sum.in.ua/com/ajax-nc19.js
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: bd45ad649f9e896089573124a86b6f55475b9d898426156d369935b787e53eca

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 04:03:35 GMT
Last-Modified: Tue, 11 Sep 2018 02:17:27 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c05da-28d2-5758f133b9bc0"
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Keep-Alive: timeout=3, max=15
Content-Length: 10450

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 116 KB
40 KB 97ms
57ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d88945c623841d5846b621b0e3cd2081d36f87f2f2a873103473b34ea66a99a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 27 Sep 2022 04:03:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5831665453497011433
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40367
X-XSS-Protection: 0
Expires: Tue, 27 Sep 2022 04:03:35 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/uk_UA/
Redirect Chain

http://connect.facebook.net/uk_UA/sdk.js
https://connect.facebook.net/uk_UA/sdk.js

3 KB
2 KB

129ms
40ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0cc232c5e52c4e4729ce5991da82262fe77cbb07a99f1f3dd4f4d750a0a097bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rV9TRNA1XwL77wmb7BaJSg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: vPF5khzLSxioUuKl4Y5VgM1mBOMNs4nCpyeNJdXVSjRJeWVzG5MqgjB6Qn6yYNrbCMGDwplv/gFaO8WOAHZu4g==
x-fb-trip-id: 686109401
x-fb-content-md5: e6f8a6748bde381046f53b07d45dfbc9
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 27 Sep 2022 04:03:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a24e4f781ced3ecf205863fa688dabc0"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 27 Sep 2022 04:14:01 GMT

Redirect headers

Location: https://connect.facebook.net/uk_UA/sdk.js#xfbml=1&version=v2.7
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ 347 KB
123 KB 159ms
69ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40a4d8d026efcefc8c176273da0c376f917b3652d6979e1459e953be44d9bc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125493
x-xss-protection: 0
server: cafe
etag: 13866388419043076140
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 04:03:35 GMT

GET
H/1.1 200
OK rect.png
sum.in.ua/com/ 2 KB
3 KB 73ms
73ms Image
image/png 195.242.161.64
FORTUNE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sum.in.ua/com/rect.png
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/com/computer.css
Protocol: HTTP/1.1
Server: 195.242.161.64 , Ukraine, ASN47434 (FORTUNE-AS, UA),
Reverse DNS
Software: Apache/2.2.23 (CentOS) /
Resource Hash: bd69b8d37ec80714b87dc05a1ad6e4c05f0f0a2bc27ca1f6c956b4950d1c2ada

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/com/computer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 04:03:35 GMT
Last-Modified: Sat, 12 Oct 2013 10:19:45 GMT
Server: Apache/2.2.23 (CentOS)
ETag: "5c0881-8e7-4e88892f91e6e"
Content-Language: ru
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=3, max=12
Content-Length: 2279

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%...
https://counter.yadro.ru/hit?t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439...
https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u04...

135 B
621 B

78ms
78ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.6418755062932822

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

eb34badde20d894743d71f239b1b92893b9145c38dbbd83adff3561f3b8aa821

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 04:03:36 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 135
Expires: Sun, 26 Sep 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 04:03:35 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t26.14;r;s1600*1200*24;uhttp%3A//sum.in.ua/;h%u0410%u043A%u0430%u0434%u0435%u043C%u0456%u0447%u043D%u0438%u0439%20%u0442%u043B%u0443%u043C%u0430%u0447%u043D%u0438%u0439%20%u0441%u043B%u043E%u0432%u043D%u0438%u043A%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043E%u0457%20%u043C%u043E%u0432%u0438;0.6418755062932822
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 26 Sep 2021 21:00:00 GMT

GET
H2

200

3_3_5.png
i.i.ua/r/
Redirect Chain

http://r.i.ua/s?u122537&p268&n0.7978545856272496&c1&d24&w1600&h1200&rsum.in.ua/
https://i.i.ua/r/3_3_5.png

1 KB
2 KB

103ms
34ms

Image
image/png

104.18.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.i.ua/r/3_3_5.png
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: H2
Server: 104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751b58768557641052d61a90aa30d9002923d445f033fbe8061d9f8d96256974

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:03:35 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Mar 2007 13:53:49 GMT
server: cloudflare
age: 3675593
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 751159b51937362e-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1187
expires: Thu, 27 Jul 2023 22:34:33 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 04:03:35 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
P3P: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location: https://i.i.ua/r/3_3_5.png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 751159b41f9035cb-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: 0

GET
H/1.1 200
OK hit Show response
c.hit.ua/ 322 B
762 B 186ms
77ms Script
application/x-javascript 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&0.5380452730108178&r=&u=http%3A//sum.in.ua/
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: HTTP/1.1
Server: 89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: 2eb969e47781a3dc294bf4f539c8379ec942a2c9d268f40bd03f4b73229e6738

Request headers

Referer: http://sum.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 04:03:35 GMT
Server: nginx/1.17.9
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/x-javascript
Expires: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 319 KB
87 KB 85ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=96af4d614febd102a8848b062f8c55e8

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fcf32cbf8d92329a3ff29e0c28239e1611a3a70049e91804c570d549b0b75ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://sum.in.ua/
Origin: http://sum.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jZ6833HCqysP+sXOm3fPVQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88956
x-fb-rlafr: 0
x-fb-debug: lXzSUj/CpfcvP0z5ncvp64rgp1LyU2sDXFghmZPPaKy9371hALE3vzsi0bSY3AQBvA0MA7eUN9WZBslzRJnsLg==
x-fb-content-md5: aa83aac70525cfc415d8d43973eb4933
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 27 Sep 2022 04:03:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ba08903f6fd6488b9c5b56379d044799"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Sep 2023 02:45:02 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
643 B 139ms
50ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sum.in.ua&callback=_gfp_s_&client=ca-pub-2843374221922515

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b358b3ff7bc2bdc5813afe4c776d3c56f74629ef40a4c3bf4c66ca87c3e569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 142ms
51ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 04:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 145ms
54ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 04:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BFDA 112 KB
34 KB 653ms
562ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1664251415&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1664251415627&bpp=23&bdt=386&idt=289&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&abxe=1&correlator=985173508698&frm=20&pv=2&ga_vid=204786926.1664251416&ga_sid=1664251416&ga_hid=135998982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067825&oid=2&pvsid=638782561523430&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qNHbZqSDB7&p=http%3A//sum.in.ua&dtd=308

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0910b236e71a11fd240229f4de8744568318362aed0fd7730373f8b95894faf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34292
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 04:03:36 GMT
expires: Tue, 27 Sep 2022 04:03:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame BFDA 8 KB
1 KB 459ms
52ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1664251415&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1664251415627&bpp=23&bdt=386&idt=289&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&abxe=1&correlator=985173508698&frm=20&pv=2&ga_vid=204786926.1664251416&ga_sid=1664251416&ga_hid=135998982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067825&oid=2&pvsid=638782561523430&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qNHbZqSDB7&p=http%3A//sum.in.ua&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 02:59:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 27 Sep 2022 04:03:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Sep 2022 04:03:37 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame BFDA 2 KB
983 B 458ms
52ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 03:52:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BFDA 0
0 167ms
86ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgtgmGHYyY7TwA-bI3gO5xZCgD9LW69Fs0Ymp6M0QlbTpz8gCEAEgmZC6DmC7hoCA0AqgAdP89tUDyAEJqQIEhvLbJCewPqgDAcgDywSqBLMBT9Aetf68Ft2RuR2YYgJQPh-j6fIqA-JZzei4pmyK2XlzjeWphBrtka2Jlo5tNHofx77jH1Jt0Lef6hFYrunCXmBPtQl7Ic8UQ_oX0dg6okIjRDcjYu3RkadXa8qODndm3tpt8iG26hfuTL5Lr5sRNEaOwYygJ63WjyowbZirPbg-X3ENxEWlbN5M1LXtsVNGvqTnW7T0W8Mnd3Wc0lhU1CZm8bi19ToHspOqn_b-LXtCdSvABKmvlrqcBJIFBAgEGAGSBQQIBRgEoAYugAein-rIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENuIAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBmAzOi6_ukQS4E4ME2BMO0BUBgBcBshccChoIABIUcHViLTI4NDMzNzQyMjE5MjI1MTUYAA&sigh=dDxcSPAgwSQ&uach_m=[UACH]&template_id=515

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2404697248&adf=355524579&pi=t.ma~as.6868198912&w=468&lmt=1664251415&url=http%3A%2F%2Fsum.in.ua%2F&wgl=1&dt=1664251415627&bpp=23&bdt=386&idt=289&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&abxe=1&correlator=985173508698&frm=20&pv=2&ga_vid=204786926.1664251416&ga_sid=1664251416&ga_hid=135998982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067825&oid=2&pvsid=638782561523430&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qNHbZqSDB7&p=http%3A//sum.in.ua&dtd=308
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 27 Sep 2022 04:03:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 27 Sep 2022 04:03:36 GMT

GET
H2 200 15348253372493321217
tpc.googlesyndication.com/simgad/ Frame BFDA 970 B
1 KB 474ms
75ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15348253372493321217?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4885210d309a9a034d612e9ab2c94165b0c6f1bf5e528005b985ae04c9e65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 16:12:49 GMT
x-content-type-options: nosniff
age: 42648
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 970
x-xss-protection: 0
last-modified: Wed, 11 May 2022 10:35:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Sep 2023 16:12:49 GMT

GET
DATA 200
OK truncated
/ Frame BFDA 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BFDA 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame BFDA 23 KB
10 KB 417ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1900
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 03:31:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame BFDA 3 KB
1 KB 430ms
54ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 03:53:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame BFDA 17 KB
7 KB 422ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 03:51:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFDA 140 KB
44 KB 434ms
59ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 04:03:37 GMT

GET
H2 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame BFDA 32 KB
14 KB 416ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 02:57:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 12:48:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Dec 2022 02:57:55 GMT

GET
DATA 200
OK truncated
/ Frame BFDA 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58b0a3f0e5b950cce96462f72fd87d58e501f1547510748604bcc6c806dc382a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame BFDA 28 KB
28 KB 133ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:49:18 GMT
x-content-type-options: nosniff
age: 303259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 15:49:18 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 159ms
77ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2306d34278a2f34609e03adcb058b44360a08ea30cc4a6f6bc05e44c8daffb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57940
x-xss-protection: 0
server: cafe
etag: 4565660817518281149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 04:03:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 135ms
54ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220922&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db5beea7a3b46be9d88ba83f2c27068cbcc511f53a91c03d318cfffd2b2a892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 04:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11182
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v2.7/plugins/ Frame 0C0D 0
3 KB 151ms
62ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.7/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f159b31e6442%26domain%3Dsum.in.ua%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fsum.in.ua%252Ff115d73d5bff144%26relation%3Dparent.parent&container_width=734&href=http%3A%2F%2Fsum.in.ua%2F&layout=standard&locale=uk_UA&sdk=joey&share=true&show_faces=true&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=96af4d614febd102a8848b062f8c55e8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 27 Sep 2022 04:03:37 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: Ue/WJnOM2ExHopQblW+4H0TeKXmGPlUkuCd2dYQnSSpeUXCRKcbbAT3cTyUHhjwV9sD4fKKiaDtBySOf1bdpfg==
x-xss-protection: 0

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7001 36 KB
16 KB 101ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 23:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Sep 2023 23:23:11 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 139ms
57ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 04:03:37 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/ Frame 9802 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 47876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 14:45:41 GMT
etag: 9671129459699598864
expires: Mon, 10 Oct 2022 14:45:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 133ms
51ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 04:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 131ms
50ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 04:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E22 31 KB
14 KB 589ms
588ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&adk=1812271804&adf=3025194257&lmt=1664251417&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsum.in.ua%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1664251417421&bpp=2&bdt=2181&idt=2&shv=r20220922&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D568ae8eeec68eec2-22eeaf2a30ce0094%3AT%3D1664251416%3ART%3D1664251416%3AS%3DALNI_MYEg4stTFGu-4jxoiWgmyiVGToK6w&prev_slotnames=6868198912&nras=1&correlator=985173508698&frm=20&pv=1&ga_vid=204786926.1664251416&ga_sid=1664251416&ga_hid=135998982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067825&oid=2&psts=APxP-9BHWd_6MPj3o-mlnHlI1Kw3EYLL_wMbd9TN-mRvDFtKIAmawK5JF6x16m6K31tj94i6wi-In-ZsHcGJVxXkvw&pvsid=638782561523430&tmod=268187778&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ed55574359400cac8d5024fdf4eae7e04a4ec5f665cacc097ccaea18c5df29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 14128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 04:03:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC3C 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 16826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 23:23:11 GMT
expires: Tue, 26 Sep 2023 23:23:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 752B 783 B
1 KB 145ms
53ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c668a07a046c04baf01c1fc0b9869dcf49bc47b5d80894a0c40f63cc9ab7d364

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k46emEqn1i8XFdpS-ci0Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-k46emEqn1i8XFdpS-ci0Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 04:03:37 GMT
expires: Tue, 27 Sep 2022 04:03:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame EC3C 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 23:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Sep 2023 23:23:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 752B 0
0 75ms
74ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220922&jk=638782561523430&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EC3C 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aFTeoQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:03:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ 151 KB
54 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

364deea79b3393a8802e791e34b52973e6f053c7d44df4a5b0233938b07354a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55033
x-xss-protection: 0
server: cafe
etag: 10762242047679865634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 04:03:38 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 56ms
55ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 04:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 54ms
53ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sum.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 04:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/ Frame 6068 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sum.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 25102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 21:05:16 GMT
etag: 9671129459699598864
expires: Mon, 10 Oct 2022 21:05:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D88E 624 B
297 B 60ms
52ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMYlbqtzAEwAQ&v=APEucNXal_lBlVdjMiWHAZzPss58JKC4wkaorOMFE0x1Lx54j3YXic1w6frGRpJ-29C0It1_BWDY2SrQEthYhpkarSft7qzwAC4T_CGAUrS86YxYYb-fcM_TzdwcpuRHtxnOg7uT4qZnRN2HhgyXDSZmEd68V_p21G2mPnd75TyA71Nm-W-F3KQ

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 04:03:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2F0C 94 KB
37 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COo-g4qmN2jczs31znGmOA4Ljl6xVc83tJSZytg2AaPpaXBF34GfBwcklueDLiwHsV4gYln9xRdZmQ94bOEm4ATKXbb9Z1Px8GjCIYuDdHZC8hcr1j5oASFjeRCh7vvlAq6KeVL6Kt-xV3c3i6r_ihQ6plUyW7I-CiDUdNVjUCeguStqE&dbm_d=AKAmf-Amr7TnKfqQGdkoFpWcfVYFWG2c3GILZx02xwrH25mxCWCINz_wRcpY8Ai2JxG6_JvMNEHZGrRig17RqvOXQxDVCMqqXHI6Fi60R2q5OUDRXGyXQRkFpMcogFt_8xzm6QZGTizILi-WO9RIuVAopf53mq9H1yImVFh79VP38A0xre1BEBXfJinzo0nq3BUmxi1dPJv1w0yY9-cwb1Y3ckoJllR-akJXmB-G-dxmgFvPK11TpejibWodacyB-tr-71rVYa5YBds9LUe3b4iEKEGTFhwYjV0WK7uNQLI71l_NzUWyaM4BytI3WYb8FFIpTxGD-3NC6AaQannSKZ_-Xm86m2pLY9WsbUlm_D4xoafNO2jFHP_BFJ3QWv2h0_G-82bgN_6Cz0kaJLdhSwArSgd_l4zcZbwSM-E3pWC_C0q4dkZLDTeQne0mlYB0SD9pEG0pkJMKT4X_z0TOC_EeatPTsr6BXm-H2obz9dxSVAkJiewI3fTk4HD7PTYoR0e-wYYEkjf-RsonVsihtKaGoX0Jsn15WluF933X435PPQrONZYkWclgQQBpykhvWfsJE8nHu4VWkqm8tC3T5bXVu98a7dAeHWWXvOINyGDU0dRktEYJbsp3rqjgpPK-vRQ-frAeS1u7AwxhU00uH3m9OBtt0lLA01RlZ9fanRtYwtNoijGz5hXgOaCUHGRhvmfSc7MBBNsLY6sM7SmPHW4rJWY5WDcgww-q374nF1woC9OqAcR--LvuzSlF_FdqFys-4AjWZEaEUXWo6-gtX0VqIHS5V5Xn5P8GCAgA6mhpHbi2ntIqhgg9IG-ETks3jnSAVUfPRIrCydk_3pDLVpQuJzaYtclrGiq60hUQTrzM-cxVIEorjDKIB4KRQMpBx7XeaWj-LIsPBaqjxwntrYPMqFgM3ivhr9WtDwAY9DUyARyEHo5RkmX5BmHTk-adz_xPAWjVLa-lHwmCCDvI0g1-6NLKtaNjjPRvdwGtN_FPdwC8-BKCL8y-GsLLTK9-y_A44Mexr0I2Nhl-_e75ulk0s7RojoirFV19hrvQr-7YlxurOn7i8mjrjZ9A43qIebeTFEPDmS_e-SYgUFRlQ2u8rQHWLnWx2JE0flD9q5kHH9mL5bNtakFM9qn9z0F5yd_gmDA08CLO-sKBXmBl-QwslBQ04MDneSDQVb05ddnuNsIGeT9PpTHDSvprOW23ITDnAeVH6TE1lxBPenxMZ0XUzTRsTcZoe7Cr9WUbLjR9nyhL0mDtTmlUQEgzNmy21_qj6TUyCtga9OfOWLJ8h8durWHOpttCMoPwQ9AEU1kJv9yP5QytKgFinWVDNpJVgkNZYhHPPGprc2IP77D2tIqHU_ymTdyXp4b_Cmpqjz4dhgUAJaiApECyZntUilW5es9_KXcmdpb8c9RLe3uaWghuZS3UtSI0jmgjBERMd92yJwlPpyXtSPYzt2jqAID9EramrjTaCl6dsydxp2qgWC9b2qQnXieOVF_KdQ8fKy60-YSPt3wpBeL13-zX57Vfs0mZwlqEtYeNok5XXE9otrbo-cawCPKCPh0Ox-4_egWvEUZ5uFxkck5lfAnlqaJf4K0qYTt5Ac0mq3WhHYjP3wgg_5-ihfXcgOakDOJWrHQ_gYJJ7cFadvxGqNMW9jtQY0_G6kjhjbtPYEzEglJbWt4JCMD4okXzn99PBxOQttSRGagR3-5W-cf1yPqW0WWk4gBAtlEZYQNANUX40558Cjvb-NLLo_QZLxUMCogB4YgzC5c0B5dEM95Q80ZenpNNtbjkbn-8kStuKbGYoQq457C5pB0lxyyWQDVNPc5WMBRaLrRC72m0JdYHkGB40M5nSlc_AEf6CdYd344z1IHdAmwO10TrYbA-Pf_NHNZiT8pwTJqw_Ex2PneMvnRd8bVhtY-0lxm4y1o9hrDUx6-SEWx_zvQP5XMBpcJHaRUdXXqZ4BqOKdvnlUhVdUtFEGZQ3sp-CP63WhgzKa6kbYVUgoasFh9LmU-oefsmCVp76W9p8XTcxT5Z4qdvjFo5hkRMw7B9hN4rt90cfzA-lbrc44pCzHmo6gHPH_PyNLWTx24NY2D0N9ECMQPLuFnwCy8kZrh3_kN1JYILj6_-LsSVxQBS4yOVhdZhXNWROODjj_q0cmvAVrBGEqJNyyRvBGEO41pUkPF-5Dh3dXpNwGzvQl6cBtA9yyhZTtyLYVzpThFOtxFGX-5uY66KODmuGuSit3ehMBmlhySL1QaOtUu0tsm6VgCNfbqKo-_uSHTxNTbKzbr_uDqCz2UV-kZGNdDmcQ16jr-IzytjywBATV9qjzG-K-ebvAef3xltE_CFszIEsJbYAE7frm-ZU5ouVdgvKaJVwzM8SHuNRyGDTfnxpDPoEKWvYOT4cnEL0YqU0E5r-doxTDldfhsjo2XKCFglHEXy1g0ATgCaj4E3w8ZVmMRQiGdGW388vxs1BIoDhXtnO3qPOeO-xfa8BPrpMcJVlOyxl-mK_AEgIOoaEtmwoAyyu-nqjvQ1Tg57aXyyaFZnv6sjbR0-QwOhDnIOIbp6q2CvI5MdboMaD9SlYVNXShNjkHXN-_zjDnlGnL5c3-AedtvC9qfaX0Lt8i8ZjZHovNkwQfo9g9jSgfjzexSkMGcNMufqGSlSRuB4vgUHT1kflYd0ijTS_iVnZ7Pzbo49THXC72dthrXjbKwB0l0jYbvZV9fRjdCZVLNtEBRrJN1YeJ6WvcirGMhogN6GUqqrSUcjm9StIauzMyyJC91HHsCKK0FfbR3CPBn4OYKvjUwc0w4uYEht-FdZaPvu3bxJuw7d_wEG7vVwNdiHsPcAq20YoMlku5QOqwwA3aZSp-xsnP0ZkftMJjepN7eW2ZanPKpvH2ufkiueS4zsf7AgTYIZI9XItmGLcAAgeiO4FOtFYGULHiZ0zF2ViJM0xaz_8glP2P0LA-jhL9YKium7ykIJS934-z9nbrJ9wt5FJGY_guDnUxByPRpc3A3Kx1WyhMvzGNZxqpUDWnF5ZODp_la5GUkKzJ7Fb9OOUvRWwiFph4Mueh_1FgKgGezrsPjtF-okZYnQcseo6fwMxh_a4dJ0e5yuQ7i55f_vZkOMGxc1l34QXBW-BxVPowoAH3ue1TAn3oISBNRBbhiRHRMHd3x2jNafWpC7Dwtgs-kKwBA0TFFObDOuDfRnGPgAQErqF2dTE_r0b3MY60S2bPlKWpWGkGiT-1qglrnnviAXDwUxDx65xg76k8p7sHAsjScHeo8wiUMQufw-4BIysIMgxfHHtN2u_mz55MEgo2ms9byg6HcBUmS0DcerjTR21gToBuvFhYkjEnCOwvq6bvBaErnc5KClGnWfwMbQmO6HoB_-p9ENjm6D_NkOxrFfRGPNfB-fHwkFGYzlyLJrAYpyi5L7iivCzvz6wN9H3yCSCwSe56CsUe84hYKk2sd_NnHsTXUrbapUrFL5Lz74iNEVjCYablsVMrWAmDixgU0JiDkMUhS_KnrcNuE&cid=CAASJORoK1oTEsmV4phCDntASfSJhHlHvz9p5bqF_DD_-qmXvEMzcA&rfl=2%2Chttp%253A%252F%252Fsum.in.ua%252F%240

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7ca0201eff2f12f086564de37fefe3e1051366a1779fc17d973470586b5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 2F0C 3 KB
1 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1090
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 03:45:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 2F0C 17 KB
7 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 02:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 02:54:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2F0C 0
0 197ms
48ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1sjFaVUbzMVLL1ANtJXFDpDIDreFx_Wmt34SwWwFlciNy3v3Cny4eUuSfT6fuhL5vI6AiosrqQxVhwOzpZjx2Jf5M-A
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F0C 140 KB
44 KB 149ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 04:03:38 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F0C 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNlanfrYeVEJbCSxSf4vYg1FdXVYef-d2GX-JmhrQkAxWfUwTf2lQnazUxn7j9s_ygfJIdFJ-MQFShZZAz54t9334R96Ms252qPcpm19QNje3Gglo

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BFDA 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoivTpi5kLCIxYTu2ofUzWKT7vGlYeSb5S_yGb8MTmO1ynjZg9mO3V3auLGE2DvTcVVhgxUHox1Sbkf4HA69DKBXUgJrSiyGf69tORYbeTb1XI3Vn9iFaqT9n4hcsLE8li2VfAJb0PcurfEQwCpaRuN0K9JmXHB8pnAZvHA9wHY4WMQC8j1M4pyRY_DD4W-LIk_hZ6eMdTcHkZCmUzfvgVOq0tHnjeAxAsgyb9hLoVbDvgIEC0PbwC0QT8vvuJv4Qzfvjsybp2SSPpv_PSICM1NPknIEbR2nOa4ehtb7sGKD4Cfi_g244wmPlvwnvh-KZDclZU5q7jEZYqpn66za1U_436tWaQtIO-VmgLlCUUwe4MWAQO6Tm5hoEJPyBzdXrR6e_eaQtImv7pUj2gSlGlpQXONamNKIExn41t9P0zqCdVdKi_2zReVQrnoZ6Agpz3pVUvhZy40V3zW2guUPvSi0APp1Ql01ubYxGmdk-i6cDj-Dq4hOI0e3NRrJRE5sVr5sWrAniKf9xSREyM8iBqN02Ub1_w5hQ3yXrCX1t7JowDz-HeRwgcMAaQLw2cfXh5FSmqOMddDFbLSahAmD1PS_SF84qXI_B3Gnv_BQ_74G_LBeSgsRMAMbEKSMYvYsuxBKsWLV7mGbxD5GDy_tFStbWDQkrUFDXMpI2D2gtKXtKeIVHaBn9_ebqRGyqA5a4qXnertt6G3d_BgsI4Y93gTQ8zPIWqmhBGWJK7hwjnSRnBLlgf3FHbCX1gv1XIFCxZNOZo6Rpa0JG7qw5P3v7wKb5TUjhjzGZvTknVwEF54zV_B_tieLAOj9aa6pPIlsBJ9DjXY_rOT_XBM4UNP2OFzJ6oaEskNydwkh37jmPpbrg568g3HtiO7Nqhdtmgtf_SEW_OwKuRdUYhx-nbIqwXAKr09oxCV49cvY3TDLEViAHZ88Cm9kNkBQYdbQ2VB9NG_McWbdScKCRsOpAQQLE-iK8ZV3mU6i2Z&sai=AMfl-YSKrVH4-2eyu7icKxzkrlGVXAVE3XIqxDpxlRCVRc6HPrKwZVKbtwGjLZS-wbPbg5AQv-uGPKUcDn2oKt1JRXh_zSqYwBY-1A&sig=Cg0ArKJSzBBL5nKf2aOYEAE&id=lidar2&mcvt=1021&p=0,0,60,468&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2404697248&rs=2&la=0&cr=0&vs=4&r=v&rst=1664251415937&rpt=1266&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220922&jk=638782561523430&bg=!i4iliMzNAAYIxsuQKMY7ACkAdvg8WsZPCEeP_7Ol5hgtfYCkzidsHte2rvLOmzv-pVgxIY6bpj1c7gIAAAB1UgAAAAJoAQeZApXzPSbtoPxz-IkqO5HHIsiK5vLNEyqcche72JhFLcTkMf9ULs7zbiMx-IWFI18gFeRtTqXokRJi8f3XFCexntAwL7zG9YaS7w4r9uhLo1fdvVE7s7_6shs98lkpmtDAupSbPfYDdEXPn3-t-gPo9HcHrWoedSaHZndJkFD1CDZfJ2H_yaPhM57X74M9aQ4f_3ugc9lNvJadnoSVf86U6o9rOygasaemce9PUSt7ZNmVCNTYKYDPtb-U73yYWaZImwedFkfZmwoBU12KvhtVsNen1CrR2MXxvhgfeGejV4pUF2reT_lO8rr-9ryJRKQ8HPAQ_vGcy7c52J9MHetvqjzY-OW-tp_Fm05bohsoWZNTXVOnXSNvO6wVJqAlKyFJ-_r3cwuiwqE6Y2fbSkSC9y8aA_rNecFB_8iThchi4LDY4pQ6Hbt-92F0LCwsQ-yghv98iXqmoNsXaJHQEztQOuAKEcl5zlhaFHl0CNZ07RFXqSpCU-jUvYB6-NrTbYCtKdvHT1aIT1dTUxS0lXbz_24dkYts6-0Wg4WatydlewsHSuYP8YK9Im3s50Cin4ltYJ5zLWYQA_Sc_22dPHOQBh41KyIGczaeFZKs5O6R7Rl0GEakBuewHynnfxTsahjq4H3yzrMBeg_NVETKIvc-4TiF07gQ-ll0Z09h362YknNW8SygYphuF1NSo5Kt5ZmNiMKe3rP9MsRCeQJNVRWNG3e3kV8neX-BtrzFtWkbKfkl4DJJNVYILM2fHsjC0PY6jBvFzHg-0Ppt2ryf2l63e3htQ_A6P8xQuSYvu0vdOYJ2LRLXQesBJtCVQsnXtQNfwJiwpLE_5Y1A46E6iIpt4EZEUmECgG2LB7VR6YQwZ0ec0bK3mI5G
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://sum.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1072894/63765042/ Frame 2F0C 237 KB
71 KB 178ms
58ms Script
application/javascript 54.77.210.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1072894/63765042/skeleton.js?ias_dspID=3&ias_campId=29077561&ias_pubId=pub-2843374221922515&ias_chanId=1&ias_placementId=17445309813&bidurl=http://sum.in.ua/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0hFpeL8uZAlzSqbj0rVnpvH
Requested by: Host: sum.in.ua
URL: http://sum.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.210.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-210-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c55b23a0666c100163a47103a3401450f60707ac777ab3d7f6b0697b158d4721

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2F0C 106 KB
38 KB 140ms
39ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 11:21:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame 2F0C 8 KB
3 KB 47ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COo-g4qmN2jczs31znGmOA4Ljl6xVc83tJSZytg2AaPpaXBF34GfBwcklueDLiwHsV4gYln9xRdZmQ94bOEm4ATKXbb9Z1Px8GjCIYuDdHZC8hcr1j5oASFjeRCh7vvlAq6KeVL6Kt-xV3c3i6r_ihQ6plUyW7I-CiDUdNVjUCeguStqE&dbm_d=AKAmf-Amr7TnKfqQGdkoFpWcfVYFWG2c3GILZx02xwrH25mxCWCINz_wRcpY8Ai2JxG6_JvMNEHZGrRig17RqvOXQxDVCMqqXHI6Fi60R2q5OUDRXGyXQRkFpMcogFt_8xzm6QZGTizILi-WO9RIuVAopf53mq9H1yImVFh79VP38A0xre1BEBXfJinzo0nq3BUmxi1dPJv1w0yY9-cwb1Y3ckoJllR-akJXmB-G-dxmgFvPK11TpejibWodacyB-tr-71rVYa5YBds9LUe3b4iEKEGTFhwYjV0WK7uNQLI71l_NzUWyaM4BytI3WYb8FFIpTxGD-3NC6AaQannSKZ_-Xm86m2pLY9WsbUlm_D4xoafNO2jFHP_BFJ3QWv2h0_G-82bgN_6Cz0kaJLdhSwArSgd_l4zcZbwSM-E3pWC_C0q4dkZLDTeQne0mlYB0SD9pEG0pkJMKT4X_z0TOC_EeatPTsr6BXm-H2obz9dxSVAkJiewI3fTk4HD7PTYoR0e-wYYEkjf-RsonVsihtKaGoX0Jsn15WluF933X435PPQrONZYkWclgQQBpykhvWfsJE8nHu4VWkqm8tC3T5bXVu98a7dAeHWWXvOINyGDU0dRktEYJbsp3rqjgpPK-vRQ-frAeS1u7AwxhU00uH3m9OBtt0lLA01RlZ9fanRtYwtNoijGz5hXgOaCUHGRhvmfSc7MBBNsLY6sM7SmPHW4rJWY5WDcgww-q374nF1woC9OqAcR--LvuzSlF_FdqFys-4AjWZEaEUXWo6-gtX0VqIHS5V5Xn5P8GCAgA6mhpHbi2ntIqhgg9IG-ETks3jnSAVUfPRIrCydk_3pDLVpQuJzaYtclrGiq60hUQTrzM-cxVIEorjDKIB4KRQMpBx7XeaWj-LIsPBaqjxwntrYPMqFgM3ivhr9WtDwAY9DUyARyEHo5RkmX5BmHTk-adz_xPAWjVLa-lHwmCCDvI0g1-6NLKtaNjjPRvdwGtN_FPdwC8-BKCL8y-GsLLTK9-y_A44Mexr0I2Nhl-_e75ulk0s7RojoirFV19hrvQr-7YlxurOn7i8mjrjZ9A43qIebeTFEPDmS_e-SYgUFRlQ2u8rQHWLnWx2JE0flD9q5kHH9mL5bNtakFM9qn9z0F5yd_gmDA08CLO-sKBXmBl-QwslBQ04MDneSDQVb05ddnuNsIGeT9PpTHDSvprOW23ITDnAeVH6TE1lxBPenxMZ0XUzTRsTcZoe7Cr9WUbLjR9nyhL0mDtTmlUQEgzNmy21_qj6TUyCtga9OfOWLJ8h8durWHOpttCMoPwQ9AEU1kJv9yP5QytKgFinWVDNpJVgkNZYhHPPGprc2IP77D2tIqHU_ymTdyXp4b_Cmpqjz4dhgUAJaiApECyZntUilW5es9_KXcmdpb8c9RLe3uaWghuZS3UtSI0jmgjBERMd92yJwlPpyXtSPYzt2jqAID9EramrjTaCl6dsydxp2qgWC9b2qQnXieOVF_KdQ8fKy60-YSPt3wpBeL13-zX57Vfs0mZwlqEtYeNok5XXE9otrbo-cawCPKCPh0Ox-4_egWvEUZ5uFxkck5lfAnlqaJf4K0qYTt5Ac0mq3WhHYjP3wgg_5-ihfXcgOakDOJWrHQ_gYJJ7cFadvxGqNMW9jtQY0_G6kjhjbtPYEzEglJbWt4JCMD4okXzn99PBxOQttSRGagR3-5W-cf1yPqW0WWk4gBAtlEZYQNANUX40558Cjvb-NLLo_QZLxUMCogB4YgzC5c0B5dEM95Q80ZenpNNtbjkbn-8kStuKbGYoQq457C5pB0lxyyWQDVNPc5WMBRaLrRC72m0JdYHkGB40M5nSlc_AEf6CdYd344z1IHdAmwO10TrYbA-Pf_NHNZiT8pwTJqw_Ex2PneMvnRd8bVhtY-0lxm4y1o9hrDUx6-SEWx_zvQP5XMBpcJHaRUdXXqZ4BqOKdvnlUhVdUtFEGZQ3sp-CP63WhgzKa6kbYVUgoasFh9LmU-oefsmCVp76W9p8XTcxT5Z4qdvjFo5hkRMw7B9hN4rt90cfzA-lbrc44pCzHmo6gHPH_PyNLWTx24NY2D0N9ECMQPLuFnwCy8kZrh3_kN1JYILj6_-LsSVxQBS4yOVhdZhXNWROODjj_q0cmvAVrBGEqJNyyRvBGEO41pUkPF-5Dh3dXpNwGzvQl6cBtA9yyhZTtyLYVzpThFOtxFGX-5uY66KODmuGuSit3ehMBmlhySL1QaOtUu0tsm6VgCNfbqKo-_uSHTxNTbKzbr_uDqCz2UV-kZGNdDmcQ16jr-IzytjywBATV9qjzG-K-ebvAef3xltE_CFszIEsJbYAE7frm-ZU5ouVdgvKaJVwzM8SHuNRyGDTfnxpDPoEKWvYOT4cnEL0YqU0E5r-doxTDldfhsjo2XKCFglHEXy1g0ATgCaj4E3w8ZVmMRQiGdGW388vxs1BIoDhXtnO3qPOeO-xfa8BPrpMcJVlOyxl-mK_AEgIOoaEtmwoAyyu-nqjvQ1Tg57aXyyaFZnv6sjbR0-QwOhDnIOIbp6q2CvI5MdboMaD9SlYVNXShNjkHXN-_zjDnlGnL5c3-AedtvC9qfaX0Lt8i8ZjZHovNkwQfo9g9jSgfjzexSkMGcNMufqGSlSRuB4vgUHT1kflYd0ijTS_iVnZ7Pzbo49THXC72dthrXjbKwB0l0jYbvZV9fRjdCZVLNtEBRrJN1YeJ6WvcirGMhogN6GUqqrSUcjm9StIauzMyyJC91HHsCKK0FfbR3CPBn4OYKvjUwc0w4uYEht-FdZaPvu3bxJuw7d_wEG7vVwNdiHsPcAq20YoMlku5QOqwwA3aZSp-xsnP0ZkftMJjepN7eW2ZanPKpvH2ufkiueS4zsf7AgTYIZI9XItmGLcAAgeiO4FOtFYGULHiZ0zF2ViJM0xaz_8glP2P0LA-jhL9YKium7ykIJS934-z9nbrJ9wt5FJGY_guDnUxByPRpc3A3Kx1WyhMvzGNZxqpUDWnF5ZODp_la5GUkKzJ7Fb9OOUvRWwiFph4Mueh_1FgKgGezrsPjtF-okZYnQcseo6fwMxh_a4dJ0e5yuQ7i55f_vZkOMGxc1l34QXBW-BxVPowoAH3ue1TAn3oISBNRBbhiRHRMHd3x2jNafWpC7Dwtgs-kKwBA0TFFObDOuDfRnGPgAQErqF2dTE_r0b3MY60S2bPlKWpWGkGiT-1qglrnnviAXDwUxDx65xg76k8p7sHAsjScHeo8wiUMQufw-4BIysIMgxfHHtN2u_mz55MEgo2ms9byg6HcBUmS0DcerjTR21gToBuvFhYkjEnCOwvq6bvBaErnc5KClGnWfwMbQmO6HoB_-p9ENjm6D_NkOxrFfRGPNfB-fHwkFGYzlyLJrAYpyi5L7iivCzvz6wN9H3yCSCwSe56CsUe84hYKk2sd_NnHsTXUrbapUrFL5Lz74iNEVjCYablsVMrWAmDixgU0JiDkMUhS_KnrcNuE&cid=CAASJORoK1oTEsmV4phCDntASfSJhHlHvz9p5bqF_DD_-qmXvEMzcA&rfl=2%2Chttp%253A%252F%252Fsum.in.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 03:51:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame 2F0C 30 KB
11 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 03:42:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F0C 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:58:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4390 1 KB
749 B 40ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 67213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 09:23:25 GMT
etag: 48472445140208031
expires: Tue, 27 Sep 2022 09:23:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2F0C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd3ea62379d96fe4f19420cb6d82d4fc8f04471982c2bcd79bf18ae9a64c72e4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D88E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpX5w7i38krfGBHOhRi064&google_cver=1

43 B
842 B

114ms
70ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpX5w7i38krfGBHOhRi064&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMYlbqtzAEwAQ&v=APEucNXal_lBlVdjMiWHAZzPss58JKC4wkaorOMFE0x1Lx54j3YXic1w6frGRpJ-29C0It1_BWDY2SrQEthYhpkarSft7qzwAC4T_CGAUrS86YxYYb-fcM_TzdwcpuRHtxnOg7uT4qZnRN2HhgyXDSZmEd68V_p21G2mPnd75TyA71Nm-W-F3KQ
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 751159c71a8e7731-LHR
pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqSY0yCtZuh%2FKkIekyYZKYhsuEV9MReqgTbbgAW4lYcx88nPrIo2rr35XOryvIq4fx1ogAqenG5X4ZYjudLHr6wl4Ls4QJnBbbrEKSAD2Mlg%2FZYzS1q6Ly2%2FPvCvUBNiK8KS0mSHWhhiGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpX5w7i38krfGBHOhRi064&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D88E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzJ2GjMoHve-psxSP-M46QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpX5w7i38krfGBHOhRi064&google_cver=1

43 B
843 B

78ms
77ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpX5w7i38krfGBHOhRi064&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMYlbqtzAEwAQ&v=APEucNXal_lBlVdjMiWHAZzPss58JKC4wkaorOMFE0x1Lx54j3YXic1w6frGRpJ-29C0It1_BWDY2SrQEthYhpkarSft7qzwAC4T_CGAUrS86YxYYb-fcM_TzdwcpuRHtxnOg7uT4qZnRN2HhgyXDSZmEd68V_p21G2mPnd75TyA71Nm-W-F3KQ
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 751159c83b4a7731-LHR
pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0k52zRaIZZa43XOEKLE37bhBV34AFBYi%2FOHSqbDFvwv0lnrNF2%2FUKBjdkLosfrNMTWMGjC1eQCjfALLXI%2B1aEhJwEOKslujuuLlOLEoCMSWVAEw83ZNfdbe8rOCn4n4pufj7bKXE1AUSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpX5w7i38krfGBHOhRi064&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D88E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM2S64hx_a5-caUhLq8oepE&google_cver=1

43 B
1020 B

50ms
34ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM2S64hx_a5-caUhLq8oepE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMYlbqtzAEwAQ&v=APEucNXal_lBlVdjMiWHAZzPss58JKC4wkaorOMFE0x1Lx54j3YXic1w6frGRpJ-29C0It1_BWDY2SrQEthYhpkarSft7qzwAC4T_CGAUrS86YxYYb-fcM_TzdwcpuRHtxnOg7uT4qZnRN2HhgyXDSZmEd68V_p21G2mPnd75TyA71Nm-W-F3KQ

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 04:03:38 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 34320fa8-4cfd-49da-9de2-5970ffd3575b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM2S64hx_a5-caUhLq8oepE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D88E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU0NDQ5MzEzNzA3NTQ2MTMxMQ%3D%3D

170 B
188 B

141ms
52ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU0NDQ5MzEzNzA3NTQ2MTMxMQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 04:03:38 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: bbff7e0e-8f78-41f2-a009-8cfcfea6e6a4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU0NDQ5MzEzNzA3NTQ2MTMxMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 274E 22 KB
8 KB 45ms
44ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 414530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 08:54:48 GMT
expires: Fri, 22 Sep 2023 08:54:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4390 35 B
464 B 148ms
52ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED9DPiPBgspf23mnHz9loTc&google_cver=1&google_push=AZmPxg-PuIj2QLXQr6qtmx8RQ4GyoImt2ILhGT_rhHsZB4PmHouiS_ISJ34rzcWNNWMFqFprfFQXVrmvIrEqkb18KaIyD3NQpL4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4390
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECPp7xI78NtRb1em5DgCHGQ&google_cver=1&google_push=AZmPxg-bO2Brk372YGKfbfyTToJ0lQhPaa6fIMvH_1RgQ_c0JvmOfkkOLaLo9UoW38m_0lh7QFWRpm9_QbdFhAqstvwLeGe5apIm
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-bO2Brk372YGKfbfyTToJ0lQhPaa6fIMvH_1RgQ_c0JvmOfkkOLaLo9UoW38m_0lh7QFWRpm9_QbdFhAqstvwLeGe5apIm&google_hm=Q0FFU0VDUHA3eEk3OE50U...

170 B
188 B

58ms
55ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-bO2Brk372YGKfbfyTToJ0lQhPaa6fIMvH_1RgQ_c0JvmOfkkOLaLo9UoW38m_0lh7QFWRpm9_QbdFhAqstvwLeGe5apIm&google_hm=Q0FFU0VDUHA3eEk3OE50UmIxZW01RGdDSEdR

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 04:03:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-bO2Brk372YGKfbfyTToJ0lQhPaa6fIMvH_1RgQ_c0JvmOfkkOLaLo9UoW38m_0lh7QFWRpm9_QbdFhAqstvwLeGe5apIm&google_hm=Q0FFU0VDUHA3eEk3OE50UmIxZW01RGdDSEdR
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4390
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-bG4Q3...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-bG4Q3...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjcwNDAzMzkwMDA0NzUwNDY3ODQ0NA%3D%3D&google_push=AZmPxg-bG4Q3eoJ9EOzm4w43uaLBWzadvE0UOAf1btG5WX9IHhCRFcf_XPZgXCq0jyuWnI...

170 B
188 B

55ms
54ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjcwNDAzMzkwMDA0NzUwNDY3ODQ0NA%3D%3D&google_push=AZmPxg-bG4Q3eoJ9EOzm4w43uaLBWzadvE0UOAf1btG5WX9IHhCRFcf_XPZgXCq0jyuWnIO9sfiL6gPkpLHfYM6LhbGrPR6PZRnW

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjcwNDAzMzkwMDA0NzUwNDY3ODQ0NA%3D%3D&google_push=AZmPxg-bG4Q3eoJ9EOzm4w43uaLBWzadvE0UOAf1btG5WX9IHhCRFcf_XPZgXCq0jyuWnIO9sfiL6gPkpLHfYM6LhbGrPR6PZRnW
pragma: no-cache
date: Tue, 27 Sep 2022 04:03:39 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Tue, 27 Sep 2022 04:03:39 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4390 43 B
351 B 153ms
32ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEmYG_7zuxqTU7yFtOVx7Hg&google_cver=1&google_push=AZmPxg-04FYvLQ7jTa0CnSB7pD0DBkGV6E_WifAhisEo3MQGtK4i7uiO2G-CdNNfvqx3XSJHHdywGQuMbjRYdhGCNIbyPQ2UzeVa
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:37 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: api4gmqq1bdra2hsb9qifbhplokil9p4

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4390 0
166 B 150ms
30ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDgU6250jrXbq6WkkANYY6k&google_cver=1&google_push=AZmPxg9qPzmO_DT9shCfYmEAI32H_KAQJSAb69clv3BtuZ7Laxbf0mWCySCws9tWnRQ39PbPt7vj0pPunwTq6Lgw7VdX3hheU78T
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:03:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4390
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFLcDs5Cy6mnBC-6npc63i0&google_cver=1&google_push=AZmPxg_1ECpSH8oUo5HXVM_bC01BFE5SWdmUy9rh1hiwkUFi6AFDmF4UrS3hTCzFJA2TU2xup_b...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhKT0JQNzYtVi1IWEhZ&google_push=AZmPxg_1ECpSH8oUo5HXVM_bC01BFE5SWdmUy9rh1hiwkUFi6AFDmF4UrS3hTCzFJA2TU2xup_bIglL8R5z-WqM93gBrfPWTXlwS

170 B
188 B

58ms
57ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhKT0JQNzYtVi1IWEhZ&google_push=AZmPxg_1ECpSH8oUo5HXVM_bC01BFE5SWdmUy9rh1hiwkUFi6AFDmF4UrS3hTCzFJA2TU2xup_bIglL8R5z-WqM93gBrfPWTXlwS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhKT0JQNzYtVi1IWEhZ&google_push=AZmPxg_1ECpSH8oUo5HXVM_bC01BFE5SWdmUy9rh1hiwkUFi6AFDmF4UrS3hTCzFJA2TU2xup_bIglL8R5z-WqM93gBrfPWTXlwS
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4390
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAJ90j4RN_lADOMw3kvO9wc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAJ90j4RN_lADOMw3kvO9wc&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAJ90j4RN_lADOMw3kvO9wc&google_hm=YzJ2GlD1rG0EdUVxatkKmgAAES8AAAAB&google_nid=index&google_push=AZmPxg8RlzUUh_v76NPT8R4Hz4Mq-ByB2oO34...

170 B
188 B

53ms
53ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAJ90j4RN_lADOMw3kvO9wc&google_hm=YzJ2GlD1rG0EdUVxatkKmgAAES8AAAAB&google_nid=index&google_push=AZmPxg8RlzUUh_v76NPT8R4Hz4Mq-ByB2oO34Dfzga_Yw4Oe4-eeKqxNM4NYqJ1nOFQdgWiXFcOonKnPcMXZaN_VhEXGl6m--YiR

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnV%2FNokrH70X6gs%2B5P9bAmELOkhu%2FI2G67LOmgrX9n9CxfMzB44rDhlQufxoAGBj9I7s34Fob2N0uqZtwywhX59RqKb%2FaPxEZGA8aFiWP8N9UrudNoBSHFEM39tPvkl6bINxvdIOfn%2FWVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAJ90j4RN_lADOMw3kvO9wc&google_hm=YzJ2GlD1rG0EdUVxatkKmgAAES8AAAAB&google_nid=index&google_push=AZmPxg8RlzUUh_v76NPT8R4Hz4Mq-ByB2oO34Dfzga_Yw4Oe4-eeKqxNM4NYqJ1nOFQdgWiXFcOonKnPcMXZaN_VhEXGl6m--YiR
cache-control: no-cache
cf-ray: 751159c74a70dcbb-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4390 0
232 B 144ms
68ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JiKFBQOPwv9v8hDWKbrur9pCAHEexnJAlIYaVDUVBaC85W5iyP68c1-vpvnFJttB2QPNWA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 04:03:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 274E 36 KB
16 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 23:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Sep 2023 23:23:11 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/6526861/1654786520717/ Frame CD6F 7 KB
2 KB 150ms
46ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6526861/1654786520717/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c5df2198a9bffb958e61ed2835d9b47e61af93f11ef1d10431cc15c090e268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 34312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 2038
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 18:31:46 GMT
expires: Tue, 27 Sep 2022 18:31:46 GMT
last-modified: Thu, 09 Jun 2022 14:55:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F0C 0
622 B 208ms
87ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_q3Ez4UoeFgTAzUyJeQEmpj9s0mvFn7Qe9RPOxK9TGawoBvX0QJHT04W6BuOpjvqS7lZKr0CIRJs5Icjkbsi7yEcUorce2ZcUdDVzgbWdA8UdIioudUeCMkW6XV3uXsIE20cFbG22lWKzBgR-4RYtv_Xe2F7sGaXxVpQFjO1OsyMpJn0rO1lhW3U5_iCyaJWiwqgh1zv2MadS-XhaD4j1NAWWpOw7HtTwFaY0Qs9jndcUbtUKIu8e59r3xCMMhkSYA2whP_3xTwq-J9DaEzgKrQt7mtWO7MzxOvsApia4QsId-mkdBAJB5xltfOE7oNARWMUQVNI2YFyWqqFEcIfMVdLTh0957g0tVj8ChiYCNLr-GuSHyzZ0P5AALlaphvAa--N7ylw6L3oD4HK1A-0fp70Ppp2EmU7z8DnXWFtgmhyLEoTq3hrt5PKsvl-g67tzE2w11h2q4txceVFtkzsWdgTSpxGy7m065-JacU2qYntAgZgAIegPDXtXKhp0xgzbLrxu6i0l4dlVKfN_Y8ff9aohnOpE102F3WIxdUMLik-98JUwMkqRrXqSZHX1drrZ2sKbhQ4uicH9CnYPipC03FzGeTeruYMxBDa2iPy6GNaS9_fuWuTebTJY56AreHb4j90RIivrMmZyP3KSrHjwwZu5ZLqiF_vIPWBIMjuD5hz6pXYTl-CDzFebHZycQqzbcv7q7A52EZ20xxJu8_Is43uuOhVjJKfWgTBWJaa3ku97spczOqY_vpDmgtUUcaWRpRjtADx3qsQA2lYZh0Wn8RX6c9TMTcx1XGWOLjKaSaV43eJ3wllnKeBuZjXzKbA-h-6POFNAYZ23ANNwmruBSk8-RT41HquEAoc96qmL5wDckPBygCsqtvdNqxj176WVb1n8ncNvBh8WYI7_t_fvoMi84byNYB4C-x7VCDczqYpxYM9Fl7IpMGUlGzdp4HB5UFxpfvShgwHUhE0p0ge2MXzIlTCCHkZg7EHHb_C6On0441jWwonHwgAdLcIuBrq2DP7AuUGt1rh0Sp__lEZ7KiVukKzA-lyGN5Yj4yLpo0_TeBNRu7or-REWzxrUBsVxbl7AToNFmGM6yesnBDI7bdbALXHdgvnUcYjdBbcoVk3iQj2aTwv3EOyhZ_WS26bmFRErvdOON5Q4Eg_f6h2SGYK9B36slnLscZyrL6g-sTM1ra1fn0rCqUx4nvLLAYKMKjtgyInwc82PwNAMkItyVaY&sai=AMfl-YRuVmJEjRsMGQ_CrAVbYjvGpp1z0ZqGiAY_TqXKAZfRYk_zpOXHXRjB3c32VAERo9vnypCH3mq-IVEZMwbnC5sdjZwn1nSCjV1Na62a1hMdLEos5yOHv5SEuUtXw3H3agdFA3vluxi4h4TqLzmhG6YQApRoeQGCEJelpwQTprC6vx0XDcBOYS-4CzgpL_JGskpJ9jnOb5FgPzjhRtkN_K67KJ8OF3CM87kEqdveI-_S&sig=Cg0ArKJSzL3ibdTyPLOGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=214&cbvp=1&cstd=210&cisv=r20220922.55562&adurl=

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 27 Sep 2022 04:03:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame 2F0C 35 B
2 KB 175ms
69ms Image
image/gif 2a02:26f0:3500:58c::1ec4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=10559931&siteID=N6024.328593VIVAKI.COM&creativeID=172877311&placementID=338311202&rnd=317292336&gdpr=&gdpr_consent=&redir=https://secure.insightexpressai.com/adserver/1pixel.gif

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR ADMa OUR STP STA"
Connection: keep-alive
Content-Length: 35
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:5b4dbfaf-2d3f-4217-81a4-dbc3623f316f
Pragma: no-cache
Referrer-Policy: unsafe-url
X-Frame-Options: ALLOWALL
Date: Tue, 27 Sep 2022 04:03:38 GMT
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: max-age=0, no-cache
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Expires: Tue, 27 Sep 2022 04:03:38 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 2F0C
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1072894/63765042/4.js?ias_dspID=3&ias_campId=29077561&ias_pubId=pub-2843374221922515&ias_chanId=1&ias_placementId=17445309813&bidurl=http://sum.in.ua/&ias_deal...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

102ms
54ms

Script
application/javascript

2600:9000:2491:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2600:9000:2491:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: .FvT8.adatXQqepC.f_awHqI.Z2HyzG1
content-encoding: gzip
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
age: 308670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Fri, 16 Sep 2022 14:19:02 GMT
server: AmazonS3
date: Fri, 23 Sep 2022 14:19:09 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: _w-i8GJfseMKs88X3S3r9oNSWWahMiiKi55lXkVD_F3TlHT5Im66hA==

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 30F0 91 KB
23 KB 170ms
48ms Script
application/javascript 2600:9000:2491:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
content-encoding: gzip
age: 476842
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
content-type: application/javascript
x-amz-cf-id: tHNHcGwkjjDzHPOQmS8pWi5BCq5YVHu_wT1I0-9FvsbgkQyihI57Jg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2F0C 43 B
215 B 600ms
185ms Image
image/gif 2600:1f13:800:7781:14d1:10cc:3c25:3c47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1072894&asId=7d41f236-b496-f643-32da-19817938aab5&tv=%7Bc:pnSISS,pingTime:-3,time:80,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:80,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B73~0%5D,as:%5B73~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiBvlDI+111%7C12%7C13%7C14%7C15%7C161*.1072894-63765042%7C1611%7C1612%7C16131%7C1614,idMap:161*,rmeas:1,rend:0,renddet:DIV,siq:25%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:39 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2F0C 43 B
216 B 598ms
183ms Image
image/gif 2600:1f13:800:7781:14d1:10cc:3c25:3c47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1072894&asId=7d41f236-b496-f643-32da-19817938aab5&tv=%7Bc:pnSISW,pingTime:-6,time:84,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:84,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiBvlDI+111%7C12%7C13%7C14%7C15%7C161*.1072894-63765042%7C1611%7C1612%7C16131%7C1614,idMap:161*,rmeas:1,rend:0,renddet:DIV,siq:25%7D&tpiLookup=ao:sum.in.ua%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:39 GMT
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2F0C 43 B
215 B 556ms
184ms Image
image/gif 2600:1f13:800:7781:14d1:10cc:3c25:3c47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1072894&asId=7d41f236-b496-f643-32da-19817938aab5&tv=%7Bc:pnSITx,pingTime:-2,time:121,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:499,beZ:500,mfA:502,cmA:504,inA:504,inZ:509,prA:509,prZ:517,si:524,poA:525,poZ:561,cmZ:561,mfZ:561,loA:583,loZ:586,ltA:620,ltZ:621%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:121,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B115~0%5D,as:%5B115~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiBvlDI+111%7C12%7C13%7C14%7C15%7C161*.1072894-63765042%7C1611%7C1612%7C16131%7C1614,idMap:161*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:25,sinceFw:95,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:39 GMT
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 styles.css
s0.2mdn.net/6526861/1654786520717/stylesheets/ Frame CD6F 8 KB
2 KB 44ms
43ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6526861/1654786520717/stylesheets/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54b0831772aea6c1a5f8390541cee6a181b2e4aa6dec3547dfdc687e75571f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1654786520717/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1601
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 14:55:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 18:31:47 GMT

GET
H3 200 __flag1.svg
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 350 B
275 B 44ms
43ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1654786520717/images/__flag1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

339afa3945b381ee4aff904c91f8842f87d2f0d0358433cd2721afa3d37a74d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1654786520717/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 14:55:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 18:31:47 GMT

GET
H3 200 _photo1.png
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 9 KB
9 KB 41ms
40ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1654786520717/images/_photo1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464a52387d3b6e7e68987bf230445cf02c42ff37d1d9898566c3956e995756b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1654786520717/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:25:51 GMT
x-content-type-options: nosniff
age: 34667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9484
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 14:55:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 18:25:51 GMT

GET
H3 200 __copy_11.svg
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 7 KB
2 KB 41ms
41ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1654786520717/images/__copy_11.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aba6796b5e7947aa3355f713fe4ceca9ddbf7ba502d81eef8de272b37043fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1654786520717/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2342
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 14:55:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 18:31:47 GMT

GET
H3 200 __copy_12.svg
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 7 KB
2 KB 41ms
40ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1654786520717/images/__copy_12.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca81412c0100bce529b9b6394afac01902f9caa7b70e7697befe46720948237c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1654786520717/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2251
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 14:55:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 18:31:47 GMT

GET
H3 200 _photo2.jpg
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 1 KB
0 43ms
42ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6526861/1654786520717/images/_photo2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/6526861/1654786520717/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:25:51 GMT
x-content-type-options: nosniff
age: 34667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8727
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 14:55:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 18:25:51 GMT

GET __copy_21.svg
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 0
0

GET __copy_22.svg
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 0
0

GET __end1.svg
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 0
0

GET __end2.svg
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 0
0

GET __cta.svg
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 0
0

GET __logo.svg
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 0
0

GET refresh.svg
s0.2mdn.net/6526861/1654786520717/images/ Frame CD6F 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 274E 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrrInGnYyY_jLEKWk3gPulI3oDgAAAAA4AeAEAg&bg=!KSqlKm7NAAYIxsuQKMY7ACkAdvg8WmKmRWHLae7QDK2zGojCDybduRpBEoy_l8zaoHzko1b5mMRjzQIAAADmUgAAAAJoAQeZAvSpP-omL2VL0jRaW5uyHzF_kisZ7qEEK8KGoDE8hg-vjzc0grXkq4U5iFQn09wDTJe7XYOdiM35OHAlREDys9nx4xw0cbju66_o8WURkN9ROLYL1z70UOMhztpmqXEHWiWcx9MUauozAjQcu5tcb3xRfxqhBhohm4-4Lu8jCJBqDKcgkRCSYctgobtCRHLNSCOagkP9CpX7aUYgVlx2hgyOmp_B12uPiXbS47UQ8JNj45jF8Cgof_Rlezu4PhshG-4kcn5SC5AOtaYpegkg8sTeND_59BIEQGL1lwc1AROWBLyvDOls4f-j0bike_YEFiSyYaQ5wb26a3J7itPvctFgPxu6Cy8k1nTPx5YOG9ulv4su_DDENN_8A2F1Uoa55F5NDjP70KAZZIV7sB8r--w3F2OuHAQrYXHTenAUKSCNfSwao62xCUMTtxG76nMz9ga-Ha1kbaq6yQNS4lNK_rkflFXcTAKxYb9a5cMTzFHBufEe3woL0kj9iqyOjLbFq4AbNlwbA4cS29u-i3WugmXjymYKMrB1SQtl0ME4jD3JheS3GCUORlpnL7ce-0nuWIKOs2XsnjIottvg3oJsQ0KfDaK6gxkirwg6qOEXcknFI4gWIa2JeTZ7s5HjzSE2mj2zDP6aRNbz_1KAvmfSCVS1X1kty---AVkER1Vs-E-bPgcx2qBw5nnn3Y1bzb-gH79Odoi8kNwn1n38ooYUXB_Xo4UzTuWznFH6ri1vH8P70slJwd2eQN2kxBDGa8MJfLVAPwmLX9sSmAseWQnL5NcQ6FjnuZDVrv9g_S6LlRA2HwzwDJWjRs6y087TpFohad46T0k1iRCebAtwHtj9vRfMOhlQDE2zaOoRujV902xA0seJ7UfvwDWVEYgKisuVRHOerlGhpaniDsEfQ5JPbjUzvP4ICTp2fauOFgkLLX58RStm2G4SmHC6h6XxvczdVQydQiPgLoNj-y-G9QHNfJI03yS7NVF3a5pN0B-Bk3-33PTDbm8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F0C 0
26 B 159ms
77ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYxfCNjvseVA9lO-q_Vfn5V-YUG6ITgvWfYOJU88k3qcGXapwKztL9BkGZqsvsQLstfEtfqWJU1_cEwqTRtfYJDJ19CzOyQgfGLT2Q9mJHqsFlUse-kL2_auCo7WHBRuYvpaOKtAwsc8cAUmZABQ-Tzh6lNFNG5oGJ56mEeWwK3ahKpgEW5WtaSFRytwQT9wJjuBcxb_wjEA&sai=AMfl-YSDhbjH1OfcZArZwIqrtsRwIVQSxvXEs6SCdzSPDdulUzRhgaXDOhYql6-bdKRDK29cie08rnxqbQiho8XFCVNEqRRdFOwjg2Oik-_Ompv-9F891hQhY-nw5bIGHFBUQFGUlvaivjMlb4SasDin&sig=Cg0ArKJSzD8oYkwF_yKNEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 04:03:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 passback_728x90.js Show response
static.adsafeprotected.com/ Frame E04F 3 KB
2 KB 39ms
39ms Script
application/javascript 2600:9000:2491:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
etag: W/"696b4c19d35efd706805137a8a4b3831"
age: 13317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
date: Tue, 27 Sep 2022 00:21:42 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: N3mHuV02ncMTMlBRUWopirDKNyITxhE-I_-U1NJMrFZGD5vmkkw8Cg==

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame E04F 10 KB
10 KB 42ms
42ms Image
image/png 2600:9000:2491:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
etag: "b1464a7201f691a1e4cf6fc057919d7f"
age: 210135
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
date: Sat, 24 Sep 2022 17:41:25 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: GFbPjxawGsX0xVknvgzX_VBPB_4f7tFjBb7QusEprrb6rOunwN-MEg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2F0C 43 B
215 B 184ms
184ms Image
image/gif 2600:1f13:800:7781:14d1:10cc:3c25:3c47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1072894&asId=7d41f236-b496-f643-32da-19817938aab5&tv=%7Bc:pnSJ0a,pingTime:-10,time:532,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002022202222222002020222222202022222220222202000022000220222220000000002202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1664251419229%7C%7C8969bcc45af908580c13ef1775bfd6ff%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C9b738b361a3655c0caea20065deac6eb%7C%7C6d817299bd70a40b14b487951af1bfab%7C%7C54cd6221374f7877f50cba54cc099e6c%7C%7Cdbc8abceddaae520ec744d6c5dc7a744%7C%7Caea059cee46f9301d6d5425f68586c35%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:14d1:10cc:3c25:3c47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:39 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F0C 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQolZ4D7B-RQdBeC4Dod853UdIHV9B5DGrcIig3IxRxub7Bti5r20wpvcRIJMM1d6hOZnEn14bfjGUM2bt4Hd8OzSMt__2k0nbv0lrl4aYN233UGZPbuJ-Ukkp&sai=AMfl-YQepJmlmLpdrDC8RGo885DnnQWxFDSZtAMxoUQRkL6IX1tVWeL0a5pd0K8D9Pv7yS__hIrIRR4bMQdQ7Mg7GacW08tZG6gSlX70mQffbFTCWhA-Y_94cMgPafU&sig=Cg0ArKJSzJ-bzT2-pwMlEAE&cid=CAASJORoK1oTEsmV4phCDntASfSJhHlHvz9p5bqF_DD_-qmXvEMzcA&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=332,817,1000,1005,1005&tos=332,485,183,5,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1664251418199&rpt=274&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 04:03:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F0C 0
26 B 80ms
79ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sum.in.ua
URL: http://sum.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 04:03:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/images/__copy_21.svg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/images/__copy_22.svg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/images/__end1.svg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/images/__end2.svg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/images/__cta.svg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/images/__logo.svg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/6526861/1654786520717/images/refresh.svg

Verdicts & Comments Add Verdict or Comment

291 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sum.in.ua/	1970-01-20 06:17:34	Name: kohana Value: vg9h0n6f7q41e5tqajeao1l552
sum.in.ua/	1969-12-31 23:59:59	Name: b Value: b
.i.ua/	1970-01-20 06:17:33	Name: __cf_bm Value: OAFiCLhRQjaYq63J7IQfUqrIAkYD1mJ_.AoACoHkSZo-1664251415-0-AUJb52AjlMbSjOD3zsl0YGGgnT5gNKdGPCWaZpeXZv2HtwXcOdpJJbqAuJxZ1uS0xfcf+0KdygGvy5BWT2ZVtGE=
.yadro.ru/	1970-01-20 15:02:42	Name: FTID Value: 1ZCdON0mWr8P1ZCdON002LMG
.sum.in.ua/	1970-01-20 15:39:07	Name: __gads Value: ID=568ae8eeec68eec2-22eeaf2a30ce0094:T=1664251416:RT=1664251416:S=ALNI_MYEg4stTFGu-4jxoiWgmyiVGToK6w
.yadro.ru/	1970-01-20 15:02:42	Name: VID Value: 18vvS902oGOP1ZCdOO002LMk
.doubleclick.net/	1970-01-20 15:39:07	Name: IDE Value: AHWqTUmmCKm6vHcg_qoUOmDnI0rFDwqnTWMDBauoooeN_cvE0nN6VU_ct6SHwCCGt5Y
.adnxs.com/	1970-01-20 08:27:07	Name: uuid2 Value: 2544493137075461311
.quantserve.com/	1970-01-20 08:27:07	Name: d Value: ECYBCQGZJ4EA
.quantserve.com/	1970-01-20 15:47:45	Name: mc Value: 6332761a-9bc23-8f5ce-566fe
.casalemedia.com/	1970-01-20 08:27:07	Name: CMPS Value: 4399
.agkn.com/	1970-01-20 15:03:07	Name: ab Value: 0001%3A1jUjC8vJGTftWTJJzEXK%2FYUGErF3FNUM
.agkn.com/	1970-01-20 15:03:07	Name: u Value: C\|0CEAqxTKaKsUymgAAAAAAAQ13AQCAAQpAAAAAAA
.adnxs.com/	1970-01-20 08:27:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVLetTF/!]tbPl1M>e)ZlrFUfJ+tGXxpG?9_L`:Vdc![K_ehFWO@Z:AO!(]5jv0^OdZ3If)y3KL9D3I?+(%8Qd
.insightexpressai.com/	1970-01-20 15:53:31	Name: IXAI61072 Value: FTF
.insightexpressai.com/	1970-01-20 07:54:51	Name: DW_Time Value: 1664251418
.insightexpressai.com/	1970-01-20 07:54:51	Name: DW Value: 00000000-0000-000b-d4e4-5e1664251418
.insightexpressai.com/	1970-01-20 07:54:51	Name: TID Value: 00000000-0000-000b-d4e4-5e1664251418
.casalemedia.com/	1970-01-20 15:03:07	Name: CMID Value: YzJ2GlD1rG0EdUVxatkKmgAA
.casalemedia.com/	1970-01-20 08:27:07	Name: CMPRO Value: 4399
.casalemedia.com/	1970-01-20 08:27:07	Name: CMTS Value: 4553
.e.dlx.addthis.com/	1970-01-20 15:47:45	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:47:45	Name: na_id Value: 2022092704033900047504678444
.addthis.com/	1970-01-20 15:47:45	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:47:45	Name: uid Value: 6332761be138fd24
.addthis.com/	1970-01-20 15:47:45	Name: ouid Value: 6332761b000190cd2613550e23f6fb34d9b58d1da6e8a924c757
.dlx.addthis.com/	1970-01-20 07:00:43	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:00:43	Name: na_sr Value: 20220927
.dlx.addthis.com/	1970-01-20 06:17:31	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:00:43	Name: na_sc_e Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://sum.in.ua/(Line 124) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&0.5380452730108178&r=&u=http%3A//sum.in.ua/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://sum.in.ua/(Line 124) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=0&w=1600&h=1200&d=24&0.5380452730108178&r=&u=http%3A//sum.in.ua/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
c.hit.ua
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
counter.yadro.ru
d.agkn.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.i.ua
ib.adnxs.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r.i.ua
rtb.openx.net
s0.2mdn.net
secure.insightexpressai.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
sum.in.ua
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
s0.2mdn.net
104.18.18.126
104.18.19.126
104.18.2.81
104.18.3.81
142.250.186.162
172.217.16.194
185.89.211.84
195.242.161.64
198.47.127.19
2600:1f13:800:7781:14d1:10cc:3c25:3c47
2600:9000:2491:1600:8:48e:53c0:93a1
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82a::200a
2a02:26f0:3500:58c::1ec4
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.123.239.111
35.227.252.103
54.77.210.17
69.173.144.138
69.192.160.219
88.212.201.204
89.184.81.35
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0910b236e71a11fd240229f4de8744568318362aed0fd7730373f8b95894faf2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc232c5e52c4e4729ce5991da82262fe77cbb07a99f1f3dd4f4d750a0a097bd
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18a41619ac0b9b7d25741313f55151cf18b28117735027d22ecdcd2b377c768f
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
2306d34278a2f34609e03adcb058b44360a08ea30cc4a6f6bc05e44c8daffb91
2eb969e47781a3dc294bf4f539c8379ec942a2c9d268f40bd03f4b73229e6738
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
339afa3945b381ee4aff904c91f8842f87d2f0d0358433cd2721afa3d37a74d0
364deea79b3393a8802e791e34b52973e6f053c7d44df4a5b0233938b07354a4
40a4d8d026efcefc8c176273da0c376f917b3652d6979e1459e953be44d9bc2d
41c5df2198a9bffb958e61ed2835d9b47e61af93f11ef1d10431cc15c090e268
44fb20bc2899c2dcd9df5ff8cb4148c13eed1b9772cf3aea696f0120dea7e4c0
464a52387d3b6e7e68987bf230445cf02c42ff37d1d9898566c3956e995756b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcf32cbf8d92329a3ff29e0c28239e1611a3a70049e91804c570d549b0b75ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
547e8cafa00f6daef035a1465080bf078e7216bcb040fe8edb02f271fa997ac3
54b0831772aea6c1a5f8390541cee6a181b2e4aa6dec3547dfdc687e75571f8f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b0a3f0e5b950cce96462f72fd87d58e501f1547510748604bcc6c806dc382a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5aba6796b5e7947aa3355f713fe4ceca9ddbf7ba502d81eef8de272b37043fe1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
751b58768557641052d61a90aa30d9002923d445f033fbe8061d9f8d96256974
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c4885210d309a9a034d612e9ab2c94165b0c6f1bf5e528005b985ae04c9e65b
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a7ca0201eff2f12f086564de37fefe3e1051366a1779fc17d973470586b5c525
a7f6aed9a2e37888c99c97353c3b1997aec04b09d99d670ce1733f300469c774
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ed55574359400cac8d5024fdf4eae7e04a4ec5f665cacc097ccaea18c5df29
b358b3ff7bc2bdc5813afe4c776d3c56f74629ef40a4c3bf4c66ca87c3e569cc
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bd3ea62379d96fe4f19420cb6d82d4fc8f04471982c2bcd79bf18ae9a64c72e4
bd45ad649f9e896089573124a86b6f55475b9d898426156d369935b787e53eca
bd69b8d37ec80714b87dc05a1ad6e4c05f0f0a2bc27ca1f6c956b4950d1c2ada
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c55b23a0666c100163a47103a3401450f60707ac777ab3d7f6b0697b158d4721
c668a07a046c04baf01c1fc0b9869dcf49bc47b5d80894a0c40f63cc9ab7d364
ca81412c0100bce529b9b6394afac01902f9caa7b70e7697befe46720948237c
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d88945c623841d5846b621b0e3cd2081d36f87f2f2a873103473b34ea66a99a4
db5beea7a3b46be9d88ba83f2c27068cbcc511f53a91c03d318cfffd2b2a892d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
eb34badde20d894743d71f239b1b92893b9145c38dbbd83adff3561f3b8aa821
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

sum.in.ua Open in urlscan Pro 195.242.161.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

74 %HTTPS

53 %IPv6

25 Domains

34 Subdomains

30 IPs

6 Countries

1035 kBTransfer

2650 kBSize

30 Cookies

3 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sum.in.ua Open in urlscan Pro
195.242.161.64 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

74 %
HTTPS

53 %
IPv6

25
Domains

34
Subdomains

30
IPs

6
Countries

1035 kB
Transfer

2650 kB
Size

30
Cookies

102 HTTP transactions
4 data transactions