daily.com.ua Open in urlscan Pro
167.86.79.74 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://daily.com.ua/
Submission: On August 09 via api (August 9th 2022, 7:28:09 am UTC) from GB — Scanned from GB

Summary HTTP 261 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 73 IPs in 11 countries across 86 domains to perform 261 HTTP transactions. The main IP is 167.86.79.74, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is daily.com.ua.

This is the only time daily.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	167.86.79.74 167.86.79.74	51167 (CONTABO) (CONTABO)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
9	212.42.76.150 212.42.76.150	8856 (UKRNET Kiev) (UKRNET Kiev)
3	95.163.114.203 95.163.114.203	12695 (DINET-AS) (DINET-AS)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
1 1	93.178.245.3 93.178.245.3	6703 (ALKAR-AS) (ALKAR-AS)
1 2	178.136.243.215 178.136.243.215	6703 (ALKAR-AS) (ALKAR-AS)
1	46.254.107.12 46.254.107.12	57167 (CITYHOST-AS) (CITYHOST-AS)
2 4	195.214.195.40 195.214.195.40	8856 (UKRNET Kiev) (UKRNET Kiev)
5 10	142.132.202.70 142.132.202.70	24940 (HETZNER-AS) (HETZNER-AS)
15	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
11	159.69.174.227 159.69.174.227	24940 (HETZNER-AS) (HETZNER-AS)
4	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 16	212.42.83.135 212.42.83.135	8856 (UKRNET Kiev) (UKRNET Kiev)
2 3	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	159.69.174.229 159.69.174.229	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2 2	176.9.60.211 176.9.60.211	24940 (HETZNER-AS) (HETZNER-AS)
2 22	104.96.160.13 104.96.160.13	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	47.246.133.89 47.246.133.89	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	193.200.65.2 193.200.65.2	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
19	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	185.117.134.138 185.117.134.138	204006 (IQOPTION) (IQOPTION)
1	104.111.243.137 104.111.243.137	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	2606:4700::68... 2606:4700::6812:713a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.52.92.164 52.52.92.164	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:205... 2600:9000:2057:5c00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700::68... 2606:4700::6811:ad20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.22.6.169 104.22.6.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.106.108 104.16.106.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.47.213.49 23.47.213.49	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.36.163.228 23.36.163.228	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	172.67.191.237 172.67.191.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	167.71.140.86 167.71.140.86	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 3	2606:4700::68... 2606:4700::6812:6528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:3b3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	45.60.78.64 45.60.78.64	19551 (INCAPSULA) (INCAPSULA)
1 2	2a02:26f0:170... 2a02:26f0:1700:383::277d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	65.9.66.84 65.9.66.84	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.92 65.9.66.92	16509 (AMAZON-02) (AMAZON-02)
1 1	195.85.23.222 195.85.23.222	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 1	31.192.112.221 31.192.112.221	48684 (VIKINGHOST) (VIKINGHOST)
1 1	195.85.23.89 195.85.23.89	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	195.85.23.96 195.85.23.96	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2606:4700:440... 2606:4700:4400::ac40:93b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.45.191 34.120.45.191	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6814:10f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::ac43:5384	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:490c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.20.0.53 104.20.0.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	96.16.144.167 96.16.144.167	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.42.86.57 52.42.86.57	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:235... 2606:2800:235:1c73:1f86:1376:22ce:2cd	15133 (EDGECAST) (EDGECAST)
1 2	151.101.1.29 151.101.1.29	54113 (FASTLY) (FASTLY)
1	23.216.77.36 23.216.77.36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::681a:66c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:10:... 2606:4700:10::ac43:16c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	107.154.132.27 107.154.132.27	19551 (INCAPSULA) (INCAPSULA)
1	2606:4700::68... 2606:4700::6813:b729	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2a83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	172.64.154.123 172.64.154.123	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.18.201.62 104.18.201.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:4d5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	163.181.56.192 163.181.56.192	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
6	79.133.177.251 79.133.177.251	() ()
3	87.240.190.67 87.240.190.67	() ()
9	47.246.133.151 47.246.133.151	() ()
1	2a00:1450:400... 2a00:1450:4001:82f::2008	() ()
3	95.163.52.67 95.163.52.67	() ()
1	47.254.177.101 47.254.177.101	() ()
6 8	2a02:6b8::90 2a02:6b8::90	() ()
1 1	142.250.181.226 142.250.181.226	() ()
1 2	188.42.196.115 188.42.196.115	() ()
1	82.145.213.8 82.145.213.8	() ()
261	73

42 167.86.79.74 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: daily.com.ua

daily.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 212.42.76.150 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv150.fwdcdn.com

informers.sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.114.203 (Moscow, Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.178.245.3 (Lviv, Ukraine) 1 redirects

ASN6703 (ALKAR-AS, UA)
PTR: 3-245-178-93.ll.lviv.farlep.net

www.ua-region.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.136.243.215 (Lviv, Ukraine) 1 redirects

ASN6703 (ALKAR-AS, UA)
PTR: 215-243-136-178.dsl.lviv.farlep.net

www.ua-region.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.254.107.12 (Ukraine)

ASN57167 (CITYHOST-AS, UA)
PTR: leaf.cityhost.com.ua

kiev-security.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.214.195.40 (Ukraine) 2 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)

informers.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.132.202.70 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.70.202.132.142.clients.your-server.de

c.her-ber.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
odnaknopka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hlmiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
powered-by-revidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsexample.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 159.69.174.227 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.227.174.69.159.clients.your-server.de

goods.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img3.redtram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 212.42.83.135 (Ukraine) 1 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)

kinoafisha.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.202.52 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine) 1 redirects

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.69.174.229 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.229.174.69.159.clients.your-server.de

fixidle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.60.211 (Weimar, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.60.9.176.clients.your-server.de

resistcorrectly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.96.160.13 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-160-13.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 47.246.133.89 (United States) 2 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

sale.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com

trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.117.134.138 (Cyprus)

ASN204006 (IQOPTION, CY)

iqbroker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.243.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-243-137.deploy.static.akamaitechnologies.com

offer.alibaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:713a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

crypto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
platinum.crypto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referral.crypto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.92.164 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-92-164.us-west-1.compute.amazonaws.com

get.mona.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5c00:19:9934:6a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

monaco.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ad20 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.mona.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.6.169 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freebitco.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.106.108 (None, )

ASN13335 (CLOUDFLARENET, US)

www.rentalcars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.213.49 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-213-49.deploy.static.akamaitechnologies.com

www.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com

www.miniinthebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lightinthebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.191.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rbfxdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.71.140.86 (London, United Kingdom) 3 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

my28.roboforex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:6528 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

chaturbate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:3b3a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

paxful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.60.78.64 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

www.exness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.exness.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:383::277d (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

de.hotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ch.hotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-84.fra56.r.cloudfront.net

www.binance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-92.fra56.r.cloudfront.net

accounts.binance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.85.23.222 (Czech Republic) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: bongacams10.com

bongacams10.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.192.112.221 (Netherlands) 1 redirects

ASN48684 (VIKINGHOST, NL)

trkbng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.85.23.89 (Czech Republic) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-89-23-conversasro.com

bongacams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.85.23.96 (Czech Republic)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-96-23-conversasro.com

de.bongacams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93b8 (United States)

ASN13335 (CLOUDFLARENET, US)

creativemarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.45.191 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 191.45.120.34.bc.googleusercontent.com

www.semrush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:10f (United States)

ASN13335 (CLOUDFLARENET, US)

www.activecampaign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:5384 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:490c (United States)

ASN13335 (CLOUDFLARENET, US)

faucetpay.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.0.53 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.144.167 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-144-167.deploy.static.akamaitechnologies.com

www.agoda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.42.86.57 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-86-57.us-west-2.compute.amazonaws.com

www.tomtop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:235:1c73:1f86:1376:22ce:2cd (United States)

ASN15133 (EDGECAST, US)

de.dhgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.29 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.hotelscombined.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.216.77.36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-36.deploy.static.akamaitechnologies.com

m.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:66c (United States)

ASN13335 (CLOUDFLARENET, US)

changelly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:16c4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.instaforex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.154.132.27 (United States) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.27.ip.incapdns.net

www.thelotter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:b729 (United States)

ASN13335 (CLOUDFLARENET, US)

stripchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2a83 (United States)

ASN13335 (CLOUDFLARENET, US)

kinsta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.154.123 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.iherb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.iherb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.201.62 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

localbitcoins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4d5a (United States)

ASN13335 (CLOUDFLARENET, US)

remitano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.56.192 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

g.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 79.133.177.251 (None, )

ASN- ()

ae01.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.190.67 (None, )

ASN- ()

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 47.246.133.151 (None, )

ASN- ()

ru.mmstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (None, )

ASN- ()

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.254.177.101 (None, )

ASN- ()

fourier.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::90 (None, ) 6 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (None, ) 1 redirects

ASN- ()

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, )

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	daily.com.ua daily.com.ua	4 MB
27	alicdn.com i.alicdn.com — Cisco Umbrella Rank: 18222 assets.alicdn.com — Cisco Umbrella Rank: 9826 g.alicdn.com — Cisco Umbrella Rank: 7012 ae01.alicdn.com	1 MB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	408 KB
16	kinoafisha.ua 1 redirects kinoafisha.ua — Cisco Umbrella Rank: 349968	127 KB
12	yandex.ru 8 redirects mc.yandex.ru — Cisco Umbrella Rank: 3617 an.yandex.ru	128 KB
11	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 557 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 302	174 KB
11	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net	90 KB
11	redtram.com goods.redtram.com — Cisco Umbrella Rank: 154779 rtb.redtram.com — Cisco Umbrella Rank: 180748 img3.redtram.com — Cisco Umbrella Rank: 199512	52 KB
9	mmstat.com ru.mmstat.com	1 KB
9	sinoptik.ua informers.sinoptik.ua — Cisco Umbrella Rank: 505511	45 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10493	5 KB
4	gstatic.com fonts.gstatic.com	78 KB
4	roboforex.org 3 redirects my28.roboforex.org — Cisco Umbrella Rank: 484946	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	41 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	17 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	199 KB
4	ukr.net 2 redirects informers.ukr.net	2 KB
3	mail.ru top-fwz1.mail.ru	13 KB
3	vk.com vk.com	24 KB
3	iherb.com 2 redirects www.iherb.com — Cisco Umbrella Rank: 40125 de.iherb.com — Cisco Umbrella Rank: 438404	2 KB
3	chaturbate.com 2 redirects chaturbate.com — Cisco Umbrella Rank: 13910	8 KB
3	adsexample.com 3 redirects adsexample.com — Cisco Umbrella Rank: 218944	1 KB
3	crypto.com 2 redirects crypto.com — Cisco Umbrella Rank: 34949 platinum.crypto.com referral.crypto.com	1 KB
3	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	863 B
3	aliexpress.ru 2 redirects sale.aliexpress.ru — Cisco Umbrella Rank: 261125 login.aliexpress.ru — Cisco Umbrella Rank: 29724	7 KB
3	aliexpress.com 2 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 20123 login.aliexpress.com — Cisco Umbrella Rank: 35685 fourier.aliexpress.com Failed	3 KB
3	hlmiq.com 1 redirects hlmiq.com	2 KB
3	fixidle.com fixidle.com — Cisco Umbrella Rank: 160702	8 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9467	2 KB
3	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 159174	24 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 267 fonts.googleapis.com — Cisco Umbrella Rank: 67	36 KB
2	betweendigital.com 1 redirects ads.betweendigital.com	1 KB
2	localbitcoins.com 1 redirects localbitcoins.com — Cisco Umbrella Rank: 142606	457 B
2	thelotter.com 1 redirects www.thelotter.com — Cisco Umbrella Rank: 208722	615 B
2	instaforex.com 1 redirects www.instaforex.com — Cisco Umbrella Rank: 408506	1 KB
2	hotelscombined.com 1 redirects www.hotelscombined.com — Cisco Umbrella Rank: 87243	2 KB
2	cex.io 1 redirects cex.io — Cisco Umbrella Rank: 166459	912 B
2	bongacams.com 1 redirects bongacams.com — Cisco Umbrella Rank: 53356 de.bongacams.com — Cisco Umbrella Rank: 374624	1 KB
2	binance.com 1 redirects www.binance.com — Cisco Umbrella Rank: 17266 accounts.binance.com — Cisco Umbrella Rank: 105439	305 B
2	hotels.com 1 redirects de.hotels.com — Cisco Umbrella Rank: 219697 ch.hotels.com — Cisco Umbrella Rank: 873256	3 KB
2	exness.com 2 redirects www.exness.com — Cisco Umbrella Rank: 156206	2 KB
2	paxful.com 1 redirects paxful.com — Cisco Umbrella Rank: 214639	465 B
2	freebitco.in 1 redirects freebitco.in — Cisco Umbrella Rank: 115848	254 B
2	mona.co 2 redirects get.mona.co app.mona.co — Cisco Umbrella Rank: 96569	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	87 KB
2	resistcorrectly.com 2 redirects resistcorrectly.com — Cisco Umbrella Rank: 206448	678 B
2	odnaknopka.ru odnaknopka.ru — Cisco Umbrella Rank: 213123	1 KB
2	bigmir.net 1 redirects c.bigmir.net — Cisco Umbrella Rank: 150010 i.bigmir.net — Cisco Umbrella Rank: 288276	1 KB
2	ua-region.com.ua 1 redirects www.ua-region.com.ua	2 KB
1	opera.com t.adx.opera.com	463 B
1	googletagmanager.com www.googletagmanager.com	64 KB
1	remitano.com remitano.com — Cisco Umbrella Rank: 322466
1	kinsta.com kinsta.com — Cisco Umbrella Rank: 141065
1	stripchat.com stripchat.com — Cisco Umbrella Rank: 18781
1	changelly.com changelly.com — Cisco Umbrella Rank: 203747
1	tiktok.com m.tiktok.com — Cisco Umbrella Rank: 21642
1	dhgate.com de.dhgate.com — Cisco Umbrella Rank: 208573
1	tomtop.com www.tomtop.com — Cisco Umbrella Rank: 269523
1	agoda.com www.agoda.com — Cisco Umbrella Rank: 31362
1	faucetpay.io faucetpay.io — Cisco Umbrella Rank: 284395
1	is.gd 1 redirects is.gd — Cisco Umbrella Rank: 47384	208 B
1	activecampaign.com www.activecampaign.com — Cisco Umbrella Rank: 286314
1	semrush.com www.semrush.com — Cisco Umbrella Rank: 62645
1	creativemarket.com creativemarket.com — Cisco Umbrella Rank: 80875
1	trkbng.com 1 redirects trkbng.com — Cisco Umbrella Rank: 47595	3 KB
1	bongacams10.com 1 redirects bongacams10.com — Cisco Umbrella Rank: 81216	441 B
1	exness.uk www.exness.uk
1	lightinthebox.com www.lightinthebox.com — Cisco Umbrella Rank: 53817
1	rbfxdirect.com 1 redirects rbfxdirect.com — Cisco Umbrella Rank: 496021	553 B
1	miniinthebox.com www.miniinthebox.com — Cisco Umbrella Rank: 248342
1	ebay.com www.ebay.com — Cisco Umbrella Rank: 5402
1	rentalcars.com www.rentalcars.com — Cisco Umbrella Rank: 44126
1	app.link 1 redirects monaco.app.link	556 B
1	alibaba.com offer.alibaba.com — Cisco Umbrella Rank: 26800
1	iqbroker.com iqbroker.com — Cisco Umbrella Rank: 72808
1	trafmag.com trafmag.com — Cisco Umbrella Rank: 42429	125 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8117	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	644 B
1	powered-by-revidy.com 1 redirects powered-by-revidy.com — Cisco Umbrella Rank: 212896	394 B
1	her-ber.top c.her-ber.top	516 B
1	kiev-security.org.ua kiev-security.org.ua	2 KB
1	ua-region.info 1 redirects www.ua-region.info	111 B
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 145064	567 B
0	taobao.com Failed fourier.taobao.com Failed
0	dt00.net Failed jsn.dt00.net Failed
0	lentainform.com Failed jsn.lentainform.com Failed
261	86

	Domain	Requested by
42	daily.com.ua	daily.com.ua
19	tpc.googlesyndication.com	daily.com.ua googleads.g.doubleclick.net tpc.googlesyndication.com
16	kinoafisha.ua	1 redirects daily.com.ua kinoafisha.ua
13	assets.alicdn.com	sale.aliexpress.ru assets.alicdn.com daily.com.ua
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com daily.com.ua googleads.g.doubleclick.net
9	ru.mmstat.com	daily.com.ua sale.aliexpress.ru
9	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
9	informers.sinoptik.ua	daily.com.ua informers.sinoptik.ua
8	an.yandex.ru	6 redirects assets.alicdn.com sale.aliexpress.ru
8	mc.yandex.com	2 redirects daily.com.ua assets.alicdn.com sale.aliexpress.ru
7	i.alicdn.com	sale.aliexpress.ru i.alicdn.com
6	ae01.alicdn.com	sale.aliexpress.ru assets.alicdn.com
6	goods.redtram.com	daily.com.ua goods.redtram.com
6	pagead2.googlesyndication.com	daily.com.ua pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
4	fonts.gstatic.com	fonts.googleapis.com
4	my28.roboforex.org	3 redirects hlmiq.com
4	www.google-analytics.com	daily.com.ua www.google-analytics.com assets.alicdn.com
4	mc.yandex.ru	2 redirects daily.com.ua
4	www.facebook.com	daily.com.ua sale.aliexpress.ru
4	connect.facebook.net	daily.com.ua connect.facebook.net assets.alicdn.com
4	informers.ukr.net	2 redirects daily.com.ua
3	top-fwz1.mail.ru	daily.com.ua sale.aliexpress.ru
3	vk.com	sale.aliexpress.ru daily.com.ua
3	img3.redtram.com	daily.com.ua
3	chaturbate.com	2 redirects hlmiq.com
3	adsexample.com	3 redirects
3	hlmiq.com	1 redirects odnaknopka.ru hlmiq.com
3	fixidle.com	goods.redtram.com fixidle.com
3	counter.yadro.ru	2 redirects daily.com.ua
3	w.uptolike.com	daily.com.ua w.uptolike.com
2	ads.betweendigital.com	1 redirects sale.aliexpress.ru
2	fonts.googleapis.com	tpc.googlesyndication.com
2	www.google.com	2 redirects
2	localbitcoins.com	1 redirects hlmiq.com
2	www.iherb.com	2 redirects
2	www.thelotter.com	1 redirects hlmiq.com
2	www.instaforex.com	1 redirects hlmiq.com
2	www.hotelscombined.com	1 redirects hlmiq.com
2	cex.io	1 redirects hlmiq.com
2	www.exness.com	2 redirects
2	paxful.com	1 redirects hlmiq.com
2	freebitco.in	1 redirects hlmiq.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	rtb.redtram.com	goods.redtram.com
2	sale.aliexpress.ru	1 redirects odnaknopka.ru
2	resistcorrectly.com	2 redirects
2	odnaknopka.ru	c.her-ber.top odnaknopka.ru
2	scontent.xx.fbcdn.net	www.facebook.com
2	www.ua-region.com.ua	1 redirects daily.com.ua
1	t.adx.opera.com	sale.aliexpress.ru
1	cm.g.doubleclick.net	1 redirects
1	fourier.aliexpress.com	sale.aliexpress.ru
1	www.googletagmanager.com	assets.alicdn.com
1	g.alicdn.com	sale.aliexpress.ru
1	remitano.com	hlmiq.com
1	de.iherb.com	hlmiq.com
1	kinsta.com	hlmiq.com
1	stripchat.com	hlmiq.com
1	changelly.com	hlmiq.com
1	m.tiktok.com	hlmiq.com
1	de.dhgate.com	hlmiq.com
1	www.tomtop.com	hlmiq.com
1	www.agoda.com	hlmiq.com
1	faucetpay.io	hlmiq.com
1	is.gd	1 redirects
1	www.activecampaign.com	hlmiq.com
1	www.semrush.com	hlmiq.com
1	creativemarket.com	hlmiq.com
1	de.bongacams.com	hlmiq.com
1	bongacams.com	1 redirects
1	trkbng.com	1 redirects
1	bongacams10.com	1 redirects
1	accounts.binance.com	hlmiq.com
1	www.binance.com	1 redirects
1	ch.hotels.com	hlmiq.com
1	de.hotels.com	1 redirects
1	www.exness.uk	hlmiq.com
1	www.lightinthebox.com	hlmiq.com
1	rbfxdirect.com	1 redirects
1	www.miniinthebox.com	hlmiq.com
1	www.ebay.com	hlmiq.com
1	www.rentalcars.com	hlmiq.com
1	referral.crypto.com	hlmiq.com
1	app.mona.co	1 redirects
1	monaco.app.link	1 redirects
1	get.mona.co	1 redirects
1	platinum.crypto.com	1 redirects
1	crypto.com	1 redirects
1	offer.alibaba.com	hlmiq.com
1	iqbroker.com	hlmiq.com
1	trafmag.com	goods.redtram.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	login.aliexpress.ru	1 redirects
1	login.aliexpress.com	1 redirects
1	s.click.aliexpress.com	1 redirects
1	powered-by-revidy.com	1 redirects
1	i.bigmir.net	daily.com.ua
1	c.bigmir.net	1 redirects
1	c.her-ber.top	daily.com.ua
1	kiev-security.org.ua	daily.com.ua
1	www.ua-region.info	1 redirects
1	c.hit.ua	daily.com.ua
1	ajax.googleapis.com	daily.com.ua
0	fourier.taobao.com Failed	assets.alicdn.com
0	jsn.dt00.net Failed	daily.com.ua
0	jsn.lentainform.com Failed	daily.com.ua
261	108

This site contains links to these domains. Also see Links.

Domain
plus.google.com
www.facebook.com
twitter.com
lentainform.com
goods.redtram.com
sinoptik.ua
www.ua-region.info
kiev-security.org.ua
www.liveinternet.ru
www.bigmir.net
www.orangesputnik.eu

Subject Issuer	Validity	Valid
uptolike.com R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
c.her-ber.top R3	`2022-07-15` - `2022-10-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-18` - `2022-08-16`	3 months	crt.sh
*.redtram.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-31` - `2023-02-14`	a year	crt.sh
kinoafisha.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-25` - `2022-11-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
fixidle.com R3	`2022-07-07` - `2022-10-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
hlmiq.com R3	`2022-08-06` - `2022-11-04`	3 months	crt.sh
*.aliexpress.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-06-16` - `2023-06-18`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.iqbroker.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-11` - `2023-01-12`	a year	crt.sh
air.alibaba.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-07-19`	a year	crt.sh
secure.rentalcars.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-11-12`	a year	crt.sh
www.lightinthebox.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-08` - `2023-04-22`	8 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-19` - `2023-03-19`	a year	crt.sh
*.semrush.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-08` - `2023-03-11`	a year	crt.sh
www.activecampaign.com GeoTrust EV RSA CA G2	`2022-07-10` - `2023-08-10`	a year	crt.sh
*.agoda.com GeoTrust RSA CA 2018	`2022-06-05` - `2023-06-06`	a year	crt.sh
*.tomtop.com Secure Site CA G2	`2021-09-14` - `2022-10-06`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
changelly.com Cloudflare Inc ECC CA-3	`2021-10-31` - `2022-10-30`	a year	crt.sh
stripchat.com Cloudflare Inc ECC CA-3	`2022-03-03` - `2023-03-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
ru.aliexpress.com DigiCert SHA2 Secure Server CA	`2022-02-15` - `2023-02-16`	a year	crt.sh
*.alicdn.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-07-18` - `2023-08-19`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-05` - `2022-11-03`	6 months	crt.sh

This page contains 16 frames:

Primary Page: http://daily.com.ua/
Frame ID: D08D515966CF0D6EB1B4638ACBB698A2
Requests: 96 HTTP requests in this frame

Frame: http://jsn.lentainform.com/d/a/daily.com.ua.6158.js?t=122797
Frame ID: 1CCA8DFDE5843D54522C9E7566A18999
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDailyUA%2F237993666247094&width=335&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Frame ID: ED43AEA5EC63D6368ABDCF05BA4B09B9
Requests: 12 HTTP requests in this frame

Frame: https://kinoafisha.ua/widget/index.html
Frame ID: 9ABED221B0B5B97EC712324E1445DDB5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220804/r20190131/zrt_lookup.html
Frame ID: 23D5420D76203F1E5784B6A3AFD14487
Requests: 1 HTTP requests in this frame

Frame: https://hlmiq.com/vu/a/
Frame ID: E0030DECE67CF1872A364A3E1A4054EC
Requests: 1 HTTP requests in this frame

Frame: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Frame ID: BA1C3E3EC3A33FCC48301E40780ADB5A
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817
Frame ID: 4433C5A0B09138BA72A379D04CE35756
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=280&slotname=7110126662&adk=2325384854&adf=3055432483&pi=t.ma~as.7110126662&w=335&lmt=1660030082&rafmt=12&psa=0&format=335x280&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081972&bpp=1&bdt=550&idt=831&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1040x120&correlator=4908926299614&frm=20&pv=1&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=965&ady=332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QZkLJF0mmF&p=http%3A//daily.com.ua&dtd=834
Frame ID: 1C4B552DA111291E623697F00EF11747
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&adk=1812271804&adf=3025194257&lmt=1660030082&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdaily.com.ua%2F&ea=0&pra=7&wgl=1&easpf=1&easpi=1&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&dt=1660030082415&bpp=1&bdt=993&idt=396&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1040x120%2C335x280&nras=1&correlator=4908926299614&frm=20&pv=1&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=402
Frame ID: 9D073EEC3FA12DF10B5C85988335A6DA
Requests: 1 HTTP requests in this frame

Frame: https://hlmiq.com/vu/a/
Frame ID: DCA0A6DDF964E8E89AF7B01B0B0FD8A0
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486
Frame ID: 1ABCCB8B9B61E8CAD506F86DE2DD691B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CorSBggzyYt-1OeiRjuwP-5wxhImZy2vN0cuBlxCNsZbkkjEQASD_m8kkYJUCoAGyisGqAcgBCakC8t9rKPQaqj6oAwHIA0iqBOoBT9DRjpoEjrvkmqq07blcb9lyM6oqEwVxZ-zj5O-03hKsSv7B-MtZhTYWkl-eg5N0pldFZio_2yPk8OEkHDyJzzQPQhc419lUAZsz3DMRvzKyLshGuh3safDEReUzsNjwbwu3gVLoRThNumZr-hKuvKJDcI6sD5XYp7GilM460PpC-QpVFizGvEGDxerQdAPveL9PibHJXa1GxibFmYclnnKThC6Fd8-j-a2Lslq9WkyXvQH03f4CaIX3qzFlhQ4dGAyBPVVTaIbIf6DsDSzP63d9qjIdT1ZQ6UFWEPRgGO62UFnBowXw5IBFwATukPjzlASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDP3wHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi02NDM2OTk3MDg0MTU5NTkyGAA&sigh=3-9tabU405M&uach_m=[UACH]&template_id=419
Frame ID: 44DE3F090873B6166F1971A7B9ACBE13
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1579F45AF26B1E94EA7F555C5C28121E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/index.html
Frame ID: 5AEF8E76F959435886D4C1EC1532DADC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 66978ED961D6AD1B2013F5D9DD2DEC2A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости в Украине DailyUA

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

261
Requests

65 %
HTTPS

37 %
IPv6

86
Domains

108
Subdomains

73
IPs

11
Countries

7311 kB
Transfer

11334 kB
Size

160
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://plus.google.com/101624690829463781005/about

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/DailyUA/237993666247094

Search URL Search Domain Scan URL

URL: https://twitter.com/DailyUA_

Search URL Search Domain Scan URL

URL: http://lentainform.com/
Title: Загрузка...

Search URL Search Domain Scan URL

URL: http://goods.redtram.com/go/23238/2112741/YT0yMzIzOCZiPTIxMTI3NDEmYz1odHRwczovL2JhbmsuZ292LnVhL2VuL25ld3MvYWxsL25hdHNpb25hbG5peS1iYW5rLXZpZGtyaXYtc3BldHNyYWh1bm9rLWRseWEtemJvcnUta29zaHRpdi1uYS1wb3RyZWJpLWFybWl5aSZkPSZlPWh0dHA6Ly9kYWlseS5jb20udWEvJnd3PSZhaz1hYjc5MDc5YzYzNzgzZDQ3MzY4M2Q2MzNmNmFlMGJiOSZwYXJ0PTA5OThlNGI5YzkxZDMyYzkyMmY3MjM1YWJhZTI5MWFl?ref=http://daily.com.ua/&mid=26384&tmload=1660030082&page=0&pos=1&rtuid=d776858a82ab00983e6b88f01889aa6a

Search URL Search Domain Scan URL

URL: http://goods.redtram.com/go/23238/2112739/YT0yMzIzOCZiPTIxMTI3MzkmYz1odHRwczovL2JhbmsuZ292LnVhL2VuL25ld3MvYWxsL25hdHNpb25hbG5peS1iYW5rLXZpZGtyaXYtc3BldHNyYWh1bm9rLWRseWEtemJvcnUta29zaHRpdi1uYS1wb3RyZWJpLWFybWl5aSZkPSZlPWh0dHA6Ly9kYWlseS5jb20udWEvJnd3PSZhaz1hYjc5MDc5YzYzNzgzZDQ3MzY4M2Q2MzNmNmFlMGJiOSZwYXJ0PWQzNmQ2OWNiZjBmOGE1ZmY0NDBhYWZjNjEwZmM0ZDAw?ref=http://daily.com.ua/&mid=26384&tmload=1660030082&page=0&pos=2&rtuid=d776858a82ab00983e6b88f01889aa6a

Search URL Search Domain Scan URL

URL: http://goods.redtram.com/go/23238/2120816/YT0yMzIzOCZiPTIxMjA4MTYmYz1odHRwczovL3QubWUvc3RvcF9ydXNzaWFuX3dhcl9ib3QmZD0mZT1odHRwOi8vZGFpbHkuY29tLnVhLyZ3dz0mYWs9YWI3OTA3OWM2Mzc4M2Q0NzM2ODNkNjMzZjZhZTBiYjkmcGFydD0xOTVkN2ExOTEzOTU3ZTM1NTk5ZGZiMTAzN2JjMWI3Mg==?ref=http://daily.com.ua/&mid=26638&tmload=1660030082&page=0&pos=3&rtuid=d776858a82ab00983e6b88f01889aa6a

Search URL Search Domain Scan URL

URL: http://sinoptik.ua/
Title: Погода

Search URL Search Domain Scan URL

URL: http://sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D0%BA%D0%B8%D0%B5%D0%B2
Title: Погода в Киеве

Search URL Search Domain Scan URL

URL: http://sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D0%B7%D0%B0%D0%BF%D0%BE%D1%80%D0%BE%D0%B6%D1%8C%D0%B5
Title: Погода в Запорожье

Search URL Search Domain Scan URL

URL: http://sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D0%BE%D0%B4%D0%B5%D1%81%D1%81%D0%B0
Title: Погода в Одессе

Search URL Search Domain Scan URL

URL: http://www.ua-region.info/

Search URL Search Domain Scan URL

URL: http://kiev-security.org.ua/

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/

Search URL Search Domain Scan URL

URL: https://www.orangesputnik.eu/
Title: Поддержка сайта — OrangeSputnik

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

http://www.ua-region.info/pic/ua-logo.gif HTTP 301
http://www.ua-region.com.ua/ru/pic/ua-logo.gif HTTP 301
https://www.ua-region.com.ua/ru/pic/ua-logo.gif

Request Chain 42

http://informers.ukr.net/kino/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h HTTP 301
https://informers.ukr.net/kino/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h

Request Chain 43

http://informers.ukr.net/tv/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h HTTP 301
https://informers.ukr.net/tv/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h

Request Chain 55

http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDailyUA%2F237993666247094&width=335&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false HTTP 307
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDailyUA%2F237993666247094&width=335&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false

Request Chain 58

http://kinoafisha.ua/widget/index.html HTTP 301
https://kinoafisha.ua/widget/index.html

Request Chain 66

http://counter.yadro.ru/hit?t57.6;r;s1600*1200*24;uhttp%3A//daily.com.ua/;0.5611446849701405 HTTP 302
https://counter.yadro.ru/hit?t57.6;r;s1600*1200*24;uhttp%3A//daily.com.ua/;0.5611446849701405 HTTP 302
https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttp%3A//daily.com.ua/;0.5611446849701405

Request Chain 67

http://c.bigmir.net/?v120729&s119253&t3&c1&n770354&w0&y0&d24&r1600 HTTP 302
http://i.bigmir.net/cnt/03.png

Request Chain 70

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 97

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 104

https://resistcorrectly.com/stat HTTP 302
https://hlmiq.com/vu/a/

Request Chain 105

https://powered-by-revidy.com/a HTTP 302
https://s.click.aliexpress.com/e/_AtqYLP?af=a;5716&cn=-&cv=765823&dp=82.199.130.45 HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a HTTP 302
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%265716%26cn%3D-%26cv%3D765823%26dp%3D82.199.130.45%26aff_fcid%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26terminal_id%3Db96d9e4b3b314ff2b5e050ca8720d09a HTTP 302
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=b96d9e4b3b314ff2b5e050ca8720d09a&xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%265716%26cn%3D-%26cv%3D765823%26dp%3D82.199.130.45%26aff_fcid%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26terminal_id%3Db96d9e4b3b314ff2b5e050ca8720d09a HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a

Request Chain 118

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9725.8pfQ72uDWO2jA-N3ZXCqXgHOuhVsPF9gPzpOa_t0eeA2m0CHTtMCMU2usHRZJz39.b6NYam1fmtulZb-EC5H8rGM4rVI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9725.sDa_jZsS9SzUR_c6NqiDUrxUfgERsMTvkwm7rA3zLRHneDz2PSzUPBTZYCJGvI4yyDKN0U_rKEyRq5L8B-Jhfw%2C%2C.OFMQ7RvRf8VMJWT9ZGAFo453roY%2C

Request Chain 129

https://crypto.com/app/8mk2bghn8f HTTP 301
https://platinum.crypto.com/r/8mk2bghn8f HTTP 302
https://get.mona.co/1mLxRmFn1bb HTTP 307
https://monaco.app.link/1mLxRmFn1bb?_p=c81629c3910b7af1e11d90f9ed HTTP 307
https://app.mona.co/referral/fallback?_branch_match_id=1085451725016123548&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT08t0cvNz0vUS87XN8z1qQjKdcszTEoCAE64N64fAAAA HTTP 302
https://referral.crypto.com/signup?_branch_match_id=1085451725016123548

Request Chain 130

https://freebitco.in/?r=3669689 HTTP 302
https://freebitco.in/signup/?op=s&r=3669689

Request Chain 132

https://adsexample.com/to2/uatest/ HTTP 307
https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=62f20c47c5b37600019f0925_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true

Request Chain 134

https://rbfxdirect.com/ru/lk/?a=zkeb HTTP 302
https://my28.roboforex.org/ru/?a=zkeb HTTP 301
https://my28.roboforex.org/en/?a=zkeb HTTP 301
https://my28.roboforex.org/en/ HTTP 301
https://my28.roboforex.org/en/login/

Request Chain 136

https://chaturbate.com/in/?track=default&tour=hr8m&campaign=sgo1n HTTP 302
https://chaturbate.com/toproom/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0 HTTP 302
https://chaturbate.com/kathariine/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0

Request Chain 137

https://paxful.com/ru/?r=GzdvAoGWyQA HTTP 301
https://paxful.com/ru?r=GzdvAoGWyQA

Request Chain 138

https://www.exness.com/a/vps0b6j3 HTTP 302
https://www.exness.com/?utm_source=partners&_8f4x=1 HTTP 302
https://www.exness.uk/?utm_source=partners&_8f4x=1

Request Chain 139

https://resistcorrectly.com/w HTTP 302
https://hlmiq.com/to2/hotels.ch/ HTTP 307
https://de.hotels.com/?locale=de_CH&pos=HCOM_CH&rffrid=aff.hcom.CH.038.000.1100l95727.kwrd=1101lw4BkAca&affcid=HCOM-CH.DIRECT.PHG.1100l95727&afflid=1101lw4BkAca&original_destination=https://de.hotels.com/?locale=de_CH&pos=HCOM_CH&rffrid=aff.hcom.CH.038.000.1100l95727.kwrd=1101lw4BkAca&affcid=HCOM-CH.DIRECT.PHG.1100l95727&afflid=1101lw4BkAca HTTP 301
https://ch.hotels.com/?locale=de_CH&pos=HCOM_CH&pos=HCOM_CH&rffrid=aff.hcom.CH.038.000.1100l95727.kwrd%3D1101lw4BkAca&rffrid=aff.hcom.CH.038.000.1100l95727.kwrd%3D1101lw4BkAca&affcid=HCOM-CH.DIRECT.PHG.1100l95727&affcid=HCOM-CH.DIRECT.PHG.1100l95727&afflid=1101lw4BkAca&afflid=1101lw4BkAca&original_destination=https%3A%2F%2Fde.hotels.com%2F%3Flocale%3Dde_CH

Request Chain 140

https://www.binance.com/ru/register?ref=KZTDOPQP HTTP 302
https://accounts.binance.com/ru/register?ref=KZTDOPQP

Request Chain 141

https://bongacams10.com/track?v=2&c=287325 HTTP 302
https://trkbng.com/hit.php?v=2&c=287325 HTTP 302
https://bongacams.com/?bcs=Zm9yaDJjYWRhNTBmMTIzMmYzMmUxYTc0ZDZmZjZkNzFjZjA4OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow HTTP 302
https://de.bongacams.com/?bcs=Zm9yaDJjYWRhNTBmMTIzMmYzMmUxYTc0ZDZmZjZkNzFjZjA4OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow

Request Chain 145

https://is.gd/zIJynH HTTP 301
https://faucetpay.io/?r=612200

Request Chain 146

https://cex.io/r/0/up111785894/0/ HTTP 301
https://cex.io/

Request Chain 149

https://adsexample.com/to2/dhgate/ HTTP 307
https://de.dhgate.com/?f=bm|aff|admitad|1019090|b985358b8df43094eb1d84b12dd88883|197649||

Request Chain 150

https://www.hotelscombined.com/?a_aid=172493 HTTP 302
https://www.hotelscombined.com/

Request Chain 153

https://www.instaforex.com/?x=LVYG HTTP 302
https://www.instaforex.com/

Request Chain 154

https://www.thelotter.com/?tl_affid=9175 HTTP 301
https://www.thelotter.com/de/?tl_affid=9175

Request Chain 157

https://adsexample.com/to2/iherbcd/ HTTP 307
https://www.iherb.com/?clickref=1101lw4CamYq&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232 HTTP 301
https://www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232 HTTP 302
https://de.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232

Request Chain 158

https://localbitcoins.com/?ch=1cmsy HTTP 302
https://localbitcoins.com/

Request Chain 160

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fdaily.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A807%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A1232286685303%3Ahid%3A211753674%3Az%3A0%3Ai%3A20220809072803%3Aet%3A1660030083%3Ac%3A1%3Arn%3A326328289%3Arqn%3A1%3Au%3A16600300831047870787%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1660030080929%3Ads%3A18%2C363%2C108%2C1%2C%2C0%2C%2C974%2C22%2C%2C%2C%2C1465%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660030083%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20DailyUA&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fdaily.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A807%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A1232286685303%3Ahid%3A211753674%3Az%3A0%3Ai%3A20220809072803%3Aet%3A1660030083%3Ac%3A1%3Arn%3A326328289%3Arqn%3A1%3Au%3A16600300831047870787%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1660030080929%3Ads%3A18%2C363%2C108%2C1%2C%2C0%2C%2C974%2C22%2C%2C%2C%2C1465%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660030083%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20DailyUA&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 170

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 189

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 260

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_ag&enable_guid_cm_redir=1&google_ula=7186619844&duid=1660030088454999969 HTTP 302
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_ag&enable_guid_cm_redir=1&google_ula=7186619844&duid=1660030088454999969 HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=1944B8AD3ECA4733&google_nid=yandex_ag&google_ula=7186619844&google_cm HTTP 302
https://an.yandex.ru/mapuid/google/?partner-tag=yandex_ag&ssp-id=17298340&google_gid=CAESEDcGxkl6d8Bwzd3D0VIyPzY&google_cver=1&google_ula=7186619844,0

Request Chain 261

https://an.yandex.ru/mapuid/betweenx/?duid=1660030088454999969 HTTP 302
https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1&duid=1660030088454999969 HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=6E3FAE55AF84E610 HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=6E3FAE55AF84E610&crf=1

Request Chain 262

https://an.yandex.ru/mapuid/operacom/?duid=1660030088454999969 HTTP 302
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1&duid=1660030088454999969 HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=990BED7400D5D287

261 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
daily.com.ua/ 47 KB
12 KB 489ms
108ms Document
text/html 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 1690966ba3257ed11a0f99ee61e232f0c917fa1e76f8b2df87d3ab970839789c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 09 Aug 2022 07:28:01 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 121ms
54ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 03:42:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 13522
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33333
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 09 Aug 2023 03:42:39 GMT

GET
H/1.1 200
OK jquery.flexslider-min.js Show response
daily.com.ua/js/ 23 KB
7 KB 65ms
63ms Script
application/javascript 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://daily.com.ua/js/jquery.flexslider-min.js
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: cd3a745dc42a3e3c6217f75ac99d3a0b69be5d6648145a93bd90315f8731199b

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Mar 2020 14:50:56 GMT
Server: nginx
ETag: W/"5e7b6fd0-5a32"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK js_min.js Show response
daily.com.ua/js/ 4 KB
2 KB 191ms
62ms Script
application/javascript 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://daily.com.ua/js/js_min.js
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 52876b796b6d4f7a3be2fb9dda0d44b233d601391e288aef8f65ae9f76291ae3

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Oct 2020 10:33:14 GMT
Server: nginx
ETag: W/"5f915fea-104f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK masonry.js Show response
daily.com.ua/js/ 25 KB
8 KB 244ms
62ms Script
application/javascript 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://daily.com.ua/js/masonry.js
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 33ae362801df6760d197feb6424b31cd4a3c0f04cb5c390e3f5fb9cec197b765

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Feb 2020 18:24:42 GMT
Server: nginx
ETag: W/"5e38656a-62a2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style_min.css
daily.com.ua/template/css/ 30 KB
6 KB 128ms
63ms Stylesheet
text/css 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://daily.com.ua/template/css/style_min.css?1660030081
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: ee3c2a496930cacf4542658784cd49d676c1849de285d859e086f78e26c9fe73

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Oct 2020 10:30:59 GMT
Server: nginx
ETag: W/"5f915f63-780a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style_new_min.css
daily.com.ua/template/css/ 5 KB
2 KB 180ms
61ms Stylesheet
text/css 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://daily.com.ua/template/css/style_new_min.css
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 0f7a96073a561be945cf92a66ba461ed9caa11b840fc7215f0a24289906e2359

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Oct 2020 10:18:30 GMT
Server: nginx
ETag: W/"5f915c76-1395"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 149ms
78ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a053bb70f457b83cbccb03f90c44f62b0e60c707f53d85f1b2123743dc935223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 09 Aug 2022 07:28:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2058170073294727295
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 57287
X-XSS-Protection: 0
Expires: Tue, 09 Aug 2022 07:28:01 GMT

GET
H/1.1 200
OK 11166002931995.jpg
daily.com.ua/upload/files/ 117 KB
117 KB 65ms
61ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11166002931995.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 3f26ea17747761cb85d65671c2bf5ab7a48909935bed5deb7be179e6ed294f8d

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Tue, 09 Aug 2022 07:15:25 GMT
Server: nginx
ETag: "62f2098d-1d225"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119333
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11166002516796.jpg
daily.com.ua/upload/files/ 90 KB
91 KB 65ms
62ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11166002516796.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: daf992d71e7ba34ed2a6f86d8bb9e32fc63d60108e5966ec6e3067f83bc6e4ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Tue, 09 Aug 2022 06:06:12 GMT
Server: nginx
ETag: "62f1f954-169f7"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92663
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1116599940909.png
daily.com.ua/upload/files/ 380 KB
380 KB 377ms
65ms Image
image/png 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/1116599940909.png
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 58007a83ceff931b10ce181c2ce50fbfa3f6d5a036aa6ad5e78e646577657fe6

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Mon, 08 Aug 2022 21:28:15 GMT
Server: nginx
ETag: "62f17fef-5f03c"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 389180
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165998494412.jpg
daily.com.ua/upload/files/ 148 KB
148 KB 381ms
66ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165998494412.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 2788ec232926dbc62b87f01689a3a7279412f6857db3fe1bfba7c2d8b78c92fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Mon, 08 Aug 2022 18:55:55 GMT
Server: nginx
ETag: "62f15c3b-250c0"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151744
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165996114191.jpg
daily.com.ua/upload/files/ 103 KB
103 KB 391ms
62ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165996114191.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 1fed6bf4c0d6db750a87e279e41330b94a6a9b35e5ae260ead6c742aed8c1dc8

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Mon, 08 Aug 2022 12:19:12 GMT
Server: nginx
ETag: "62f0ff40-19bff"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105471
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165994408472.jpg
daily.com.ua/upload/files/ 66 KB
66 KB 226ms
64ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165994408472.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: b6509c645bf1a0b7b7af0c9a27ee14cff82f2f13191eb0510f4d48df0b784271

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Mon, 08 Aug 2022 07:34:58 GMT
Server: nginx
ETag: "62f0bca2-10795"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67477
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165993638676.jpg
daily.com.ua/upload/files/ 124 KB
124 KB 222ms
62ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165993638676.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: b99c69a0f959d9db50091bc5215df865febdaaa4bafb502df3251d9b6436d340

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Mon, 08 Aug 2022 05:26:31 GMT
Server: nginx
ETag: "62f09e87-1ef44"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126788
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165989005317.jpeg
daily.com.ua/upload/files/ 52 KB
52 KB 214ms
62ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165989005317.jpeg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 4bf18e80e696554641362da89ff7b36f1195c6de694badcc880a9de620190ff6

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Sun, 07 Aug 2022 16:34:18 GMT
Server: nginx
ETag: "62efe98a-cf4a"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53066
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1116598668148.jpg
daily.com.ua/upload/files/ 43 KB
43 KB 61ms
61ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/1116598668148.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 969132c633b6de8dcd88036f6976869b266b8eecda59a77a90369c1e89b31d56

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Sun, 07 Aug 2022 10:07:00 GMT
Server: nginx
ETag: "62ef8ec4-aa61"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43617
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165985334248.jpg
daily.com.ua/upload/files/ 101 KB
101 KB 62ms
61ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165985334248.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 5f301a0155c1a774aa8241d2f5ed9095fc6f16fa8858fcbf54fb3d7533e846b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Sun, 07 Aug 2022 06:23:13 GMT
Server: nginx
ETag: "62ef5a51-19375"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103285
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165980943962.jpg
daily.com.ua/upload/files/ 75 KB
75 KB 63ms
63ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165980943962.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: ab4e993036f9dc7322742a0522ebca7b89d7109c8f5a7c8e820e9550bba1cb89

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Sat, 06 Aug 2022 18:10:43 GMT
Server: nginx
ETag: "62eeaea3-12b60"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76640
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165967651052.jpg
daily.com.ua/upload/files/ 52 KB
52 KB 63ms
63ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165967651052.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: ae1595516b9c471e6402ae57efa0636fe73def3ee876c4b74d214967847765c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Fri, 05 Aug 2022 05:15:15 GMT
Server: nginx
ETag: "62eca763-d0c1"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53441
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165996123644.jpg
daily.com.ua/upload/files/ 82 KB
83 KB 150ms
69ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165996123644.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 8a89d72ee8673193d61e094aa76946c42f9293329cf85d68f0bb0c529daf89df

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Mon, 08 Aug 2022 12:20:51 GMT
Server: nginx
ETag: "62f0ffa3-1494f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84303
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1116600252288.jpg
daily.com.ua/upload/files/ 69 KB
70 KB 81ms
80ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/1116600252288.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 68b40198aca8904893750c8620433c1b445a06124274ac735a52ee70733be411

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Tue, 09 Aug 2022 06:07:12 GMT
Server: nginx
ETag: "62f1f990-11568"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71016
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165996378216.jpg
daily.com.ua/upload/files/ 82 KB
83 KB 83ms
83ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165996378216.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 5af054811a129346d93b9ad04957c889d58d04dbd681733b01eb03dd512eaf74

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Mon, 08 Aug 2022 13:03:05 GMT
Server: nginx
ETag: "62f10989-14929"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84265
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165997062156.jpg
daily.com.ua/upload/files/ 92 KB
92 KB 80ms
80ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165997062156.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: d251a5601e7ca58168893e3a989ca6ea35c8fec176ae62671d506ff6dfbde2aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Mon, 08 Aug 2022 14:57:32 GMT
Server: nginx
ETag: "62f1245c-16e6d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93805
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1116598937239.jpg
daily.com.ua/upload/files/ 86 KB
86 KB 65ms
64ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/1116598937239.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: da264a8e4a35789c7ff003bbcebd894f497b9001e07dcf94625e5382fecf6b60

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Sun, 07 Aug 2022 17:35:26 GMT
Server: nginx
ETag: "62eff7de-15889"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88201
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK smallthumb_bloger_20200424_165500_1587736500.jpg
daily.com.ua/upload/bloger/ 44 KB
44 KB 334ms
68ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/bloger/smallthumb_bloger_20200424_165500_1587736500.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 1f574e28dff7e9ccbc2748e78a5ce36fea90351c6b9338015ef945f495d42ad8

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Fri, 24 Apr 2020 13:55:00 GMT
Server: nginx
ETag: "5ea2efb4-af09"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44809
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK smallthumb_bloger_20150119_143608_1421670968.jpg
daily.com.ua/upload/bloger/ 58 KB
59 KB 287ms
62ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/bloger/smallthumb_bloger_20150119_143608_1421670968.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: ee84da6ec83f4a07234f64ada0ca44de76f3099729a7abbdae683e5fd876a821

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Mon, 19 Jan 2015 12:36:13 GMT
Server: nginx
ETag: "54bcfa3d-e9db"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59867
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165996126723.jpg
daily.com.ua/upload/files/ 79 KB
79 KB 270ms
64ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165996126723.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 80f32f98f0beec8ae0309ceb39e085d98484574d51b258ce320ba66f2e15b053

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Mon, 08 Aug 2022 12:21:21 GMT
Server: nginx
ETag: "62f0ffc1-13b1f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80671
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11165935411187.jpg
daily.com.ua/upload/files/ 64 KB
64 KB 265ms
62ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165935411187.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 730a4795b8fd9431f7afb86d53b1cb9745c0f83ebef261f0014e956d2a3f705c

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Mon, 01 Aug 2022 11:42:02 GMT
Server: nginx
ETag: "62e7bc0a-10034"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65588
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK t.gif
informers.sinoptik.ua/img/ 43 B
368 B 107ms
53ms Image
image/gif 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://informers.sinoptik.ua/img/t.gif
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Thu, 10 Feb 2011 13:06:12 GMT
Server: nginx
ETag: "4d53e2c4-2b"
Content-Type: image/gif
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 09 Aug 2023 07:28:01 GMT

GET
H/1.1 200
OK js3.php Show response
informers.sinoptik.ua/ 1 KB
917 B 137ms
54ms Script
text/html 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: http://informers.sinoptik.ua/js3.php?title=4&wind=2&cities=303010783&lang=ru
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 85348107a152bcd5a365d8aa174525af9a6ae0e0ae9f9ba1cf44735091b2e073

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-store, no-cache, must-revalidate
Date: Tue, 09 Aug 2022 07:28:01 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK zp.js Show response
w.uptolike.com/widgets/v1/ 44 KB
12 KB 395ms
195ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tl24f8898071c13fa48bd347630d0d83af3685f525
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 929b49c0b8c2d2ab8fec72e7a14bda90440b53edef9b5d5e688554bfa468eb27

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=31556926
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8

GET
H/1.1 200
OK 11165856026961.jpg
daily.com.ua/upload/files/ 111 KB
111 KB 63ms
63ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11165856026961.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: c51346d18fdea07e61f5b2a50fe8defe87e90804b19b4fb477743e9d8bab4e80

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Sat, 23 Jul 2022 07:11:27 GMT
Server: nginx
ETag: "62db9f1f-1bbdd"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 113629
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11159522874870.jpg
daily.com.ua/upload/files/ 30 KB
30 KB 62ms
62ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11159522874870.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: e6050d14a99c036f2404720c95e0e19dd43f9eb99f0d538502bd912b0ecb5869

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Mon, 20 Jul 2020 07:06:43 GMT
Server: nginx
ETag: "5f154283-78c0"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30912
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 111586607299100.jpg
daily.com.ua/upload/files/ 94 KB
94 KB 68ms
66ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/111586607299100.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 4d41a837d150bdb5f824fccffbfd1003a500ccb2edf41c8871017a814b3ff635

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Sat, 11 Apr 2020 12:16:26 GMT
Server: nginx
ETag: "5e91b51a-1779f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96159
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 619_1585828444_%D1%83%D0%BA%D1%83%D0%BA.png
daily.com.ua/upload/files/ 565 KB
565 KB 64ms
64ms Image
image/png 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/619_1585828444_%D1%83%D0%BA%D1%83%D0%BA.png
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 64e13268c72f6eb6d191745ca09f996a3eca995f0e8838d74607dffcd560c472

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Thu, 02 Apr 2020 11:54:04 GMT
Server: nginx
ETag: "5e85d25c-8d389"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 578441
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 687_1608040509_1608038541-6297.webp
daily.com.ua/upload/files/ 32 KB
33 KB 64ms
63ms Image
image/webp 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/687_1608040509_1608038541-6297.webp
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 0dc1287996ca28e5ece92c48a9f04e10527cd1b4c779c2b5aa4075d4bd7131db

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Tue, 15 Dec 2020 13:55:09 GMT
Server: nginx
ETag: "5fd8c03d-80f8"
Content-Type: image/webp
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33016
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11160683318279.jpg
daily.com.ua/upload/files/ 1 MB
1 MB 69ms
69ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11160683318279.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 9ecb1610fb43a65c9be00281371e2c61a547120d4b00c84779e1b62b1ad23e4c

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Tue, 01 Dec 2020 14:33:08 GMT
Server: nginx
ETag: "5fc65424-123cb8"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1195192
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1116015559006.jpg
daily.com.ua/upload/files/ 36 KB
36 KB 64ms
64ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/1116015559006.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 13b3147922d7787809af5fedc534c1c3d9d6ec13f74a81d04d2a2d01ed5cc203

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Thu, 01 Oct 2020 12:38:37 GMT
Server: nginx
ETag: "5f75cdcd-8f37"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36663
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11159853542851.jpg
daily.com.ua/upload/files/ 33 KB
33 KB 62ms
61ms Image
image/jpeg 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/upload/files/11159853542851.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 6f8494aaeeffc0719ae636051d4ccc26757a70e62cb19ff857f9889aa18859ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Thu, 27 Aug 2020 13:37:21 GMT
Server: nginx
ETag: "5f47b711-8286"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33414
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK hit Show response
c.hit.ua/ 303 B
567 B 197ms
82ms Script
application/x-javascript 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: http://c.hit.ua/hit?i=15&g=2&x=3&nc=1&293248673
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: 902fba2e0a2c8faf5bf5cdb22a043e1fe2f30d1accf6c122006e932d82115b13

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 07:28:01 GMT
Server: nginx/1.17.9
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1

200
OK

ua-logo.gif
www.ua-region.com.ua/ru/pic/
Redirect Chain

http://www.ua-region.info/pic/ua-logo.gif
http://www.ua-region.com.ua/ru/pic/ua-logo.gif
https://www.ua-region.com.ua/ru/pic/ua-logo.gif

2 KB
2 KB

306ms
76ms

Image
image/gif

178.136.243.215
ALKAR-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ua-region.com.ua/ru/pic/ua-logo.gif
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 178.136.243.215 Lviv, Ukraine, ASN6703 (ALKAR-AS, UA),
Reverse DNS: 215-243-136-178.dsl.lviv.farlep.net
Software: nginx/1.18.0 /
Resource Hash: 157485050b623cb92498aa75c6103b9575b4299376db4d7a0797e9abf9fca4ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Mon, 08 Apr 2013 16:06:28 GMT
Server: nginx/1.18.0
ETag: "5162eb04-63e"
Content-Type: image/gif
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 1598
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://www.ua-region.com.ua/ru/pic/ua-logo.gif
Content-length: 0

GET
H/1.1 200
OK 88x31.gif
kiev-security.org.ua/ 1 KB
2 KB 206ms
79ms Image
image/gif 46.254.107.12
CITYHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://kiev-security.org.ua/88x31.gif
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 46.254.107.12 , Ukraine, ASN57167 (CITYHOST-AS, UA),
Reverse DNS: leaf.cityhost.com.ua
Software: nginx/1.22.0 /
Resource Hash: 6017a867d1c47b7064588060b155143650368c366daa7d9a07b9b3d99045e019

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Nov 2019 02:50:20 GMT
Server: nginx/1.22.0
ETag: W/"5de0876c-5ec"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 08 Sep 2022 07:28:01 GMT

GET
H2

200

js.php Show response
informers.ukr.net/kino/
Redirect Chain

http://informers.ukr.net/kino/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h
https://informers.ukr.net/kino/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h

912 B
666 B

266ms
89ms

Script
application/x-javascript

195.214.195.40
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://informers.ukr.net/kino/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Server

195.214.195.40 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

Software

nginx /

Resource Hash

7cb9204207ba0ad8f119e038e0deae65f53308a39acd2edb32bed535ee1c5d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
date: Tue, 09 Aug 2022 07:28:02 GMT
content-type: application/x-javascript; charset="utf-8"

Redirect headers

Location: https://informers.ukr.net/kino/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h
Date: Tue, 09 Aug 2022 07:28:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

js.php Show response
informers.ukr.net/tv/
Redirect Chain

http://informers.ukr.net/tv/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h
https://informers.ukr.net/tv/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h

661 B
589 B

513ms
85ms

Script
application/x-javascript

195.214.195.40
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://informers.ukr.net/tv/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Server

195.214.195.40 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

Software

nginx /

Resource Hash

1743ae9a6ae65201af2da1aaee0367d7f3af87683d79c81c09454a7c3b4fcf68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
date: Tue, 09 Aug 2022 07:28:02 GMT
content-type: application/x-javascript; charset="utf-8"

Redirect headers

Location: https://informers.ukr.net/tv/js.php?c=1&m=2&img=left&cl=000000&cp=utf8&h
Date: Tue, 09 Aug 2022 07:28:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK zp.js Show response
w.uptolike.com/widgets/v1/ 44 KB
12 KB 385ms
191ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp.js?pid=1383019
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3d8fac607bd3717c45906d47fcab3a063e2efb74c85556d99ddcf369bf06e89b

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=31556926
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8

GET
H/1.1 200
OK 4994 Show response
c.her-ber.top/pzi/ 312 B
516 B 452ms
60ms Script
application/javascript 142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.her-ber.top/pzi/4994
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 225ms
72ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3218b4cfd404cf1cc4b0c87b6d28ac1bb223bbf11df30c773f409563f202446b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: MCSYSMZSvuoW6QBRm5eaPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: Lg7seF+m37R25fnaswelFxeeQ2tkAPRaD891CqOm0jZ66Y3EX2b338ltKZ571PoloKPI6i4evbf6Hae3gQrzLw==
x-fb-trip-id: 720026100
x-fb-content-md5: d8fb9295b7418de6f5431a0f6426f7ec
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 09 Aug 2022 07:28:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "658d560facb4433d5995d65b4d30680f"
timing-allow-origin: *
expires: Tue, 09 Aug 2022 07:42:18 GMT

GET
H/1.1 200
OK bg.png
daily.com.ua/template/images/patterns/ 958 B
1 KB 151ms
69ms Image
image/png 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/template/images/patterns/bg.png
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/template/css/style_min.css?1660030081
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 30fe55c99d945bda75a34839569c931b0f34accd8fd8b13f885f3f30b4b8c2f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/template/css/style_min.css?1660030081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Mon, 03 Feb 2020 18:24:42 GMT
Server: nginx
ETag: "5e38656a-3be"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 958
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logotype.png
daily.com.ua/template/images/ 9 KB
9 KB 151ms
70ms Image
image/png 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/template/images/logotype.png
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/template/css/style_min.css?1660030081
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 8bbb090a09bfd6773717e406613a3d42c1afa7c48bdd206317946c1db28394f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/template/css/style_min.css?1660030081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Mon, 03 Feb 2020 18:24:42 GMT
Server: nginx
ETag: "5e38656a-2426"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9254
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sprite.png
daily.com.ua/template/images/ 12 KB
13 KB 214ms
62ms Image
image/png 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/template/images/sprite.png
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/template/css/style_min.css?1660030081
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 95c642b43f943182295616552612020c91cd53e4f27b71cddf0f3e2109fcc3ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/template/css/style_min.css?1660030081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Mon, 03 Feb 2020 18:24:42 GMT
Server: nginx
ETag: "5e38656a-31cf"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12751
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK arialn-webfont.woff
daily.com.ua/template/fonts/ 24 KB
24 KB 162ms
68ms Font
application/font-woff 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://daily.com.ua/template/fonts/arialn-webfont.woff
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/template/css/style_min.css?1660030081
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 37d0460b28e66d600e5ac7dfbb6a7c7a1cfc003c705e268967e865dc3ff5ecce

Request headers

Referer: http://daily.com.ua/template/css/style_min.css?1660030081
Origin: http://daily.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Last-Modified: Mon, 03 Feb 2020 18:24:42 GMT
Server: nginx
ETag: "5e38656a-5f68"
Content-Type: application/font-woff
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24424
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET daily.com.ua.6158.js
jsn.lentainform.com/d/a/ Frame 1CCA 0
0

GET
H2 200 / Show response
goods.redtram.com/j/23238/ 39 KB
15 KB 198ms
64ms Script
application/javascript 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://goods.redtram.com/j/23238/?v=1
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 282682be187a669c21df6c2f96e9a8d1e55c66ee8cb7dbe7991730f1ea7a93b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 13:09:02 GMT
server: nginx/1.18.0
etag: W/"62c437ee-9a2a"
access-control-allow-methods: GET, OPTIONS, HEAD
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=86400, no-transform
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
expires: Wed, 10 Aug 2022 07:28:02 GMT

GET
H/1.1 200
OK daily.png
daily.com.ua/template/images/ 3 KB
3 KB 63ms
63ms Image
image/png 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/template/images/daily.png
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/template/css/style_new_min.css
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 1dbb3a3f374b82ddcb5992cf3311b3bf28b710a9b9cbd6b6601822ad3e916d21

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/template/css/style_new_min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Mon, 03 Feb 2020 18:24:42 GMT
Server: nginx
ETag: "5e38656a-adc"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2780
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK informers.css
informers.sinoptik.ua/css/ 15 KB
2 KB 53ms
53ms Stylesheet
text/css 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: http://informers.sinoptik.ua/css/informers.css?v=3
Requested by: Host: informers.sinoptik.ua
URL: http://informers.sinoptik.ua/js3.php?title=4&wind=2&cities=303010783&lang=ru
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 26b472f9a906e7bc5fc8060cfbfa386e777acaf92c8659150c15473de21930a6

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Sep 2014 12:54:52 GMT
Server: nginx
ETag: W/"5418331c-3c0f"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H2

200

likebox.php Show response
www.facebook.com/plugins/ Frame ED43
Redirect Chain

http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDailyUA%2F237993666247094&width=335&height=258&colorscheme=light&show_faces=true&header=false&stream=false&...
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDailyUA%2F237993666247094&width=335&height=258&colorscheme=light&show_faces=true&header=false&stream=false...

45 KB
16 KB

288ms
137ms

Document
text/html

2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDailyUA%2F237993666247094&width=335&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

facf9ad75a3cc460153dc47465a9ecc29430fd28d56d73346ab49d3a83fd755d

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daily.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 09 Aug 2022 07:28:02 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: rAmjLsoiiujPxPysSVSfNoyGesHpeQBNk+QNjcTT4+ohp0drcbE9AC5oCTkhW7FbMcXI1NokjVrCrZH+tfOlKA==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDailyUA%2F237993666247094&width=335&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Non-Authoritative-Reason: HSTS

GET daily.com.ua.13443.js
jsn.dt00.net/d/a/ 0
0

GET
H/1.1 200
OK play.png
daily.com.ua/template/images/ 6 KB
6 KB 62ms
62ms Image
image/png 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/template/images/play.png
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/template/css/style_min.css?1660030081
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 449b8e5516b0da3febe420018a20dcab2ffb47c22c3fc50403ead61b0edd2ba0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/template/css/style_min.css?1660030081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Mon, 03 Feb 2020 18:24:42 GMT
Server: nginx
ETag: "5e38656a-1680"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5760
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

index.html Show response
kinoafisha.ua/widget/ Frame 9ABE
Redirect Chain

http://kinoafisha.ua/widget/index.html
https://kinoafisha.ua/widget/index.html

15 KB
2 KB

165ms
53ms

Document
text/html

212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://kinoafisha.ua/widget/index.html
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9c0b3b18405d6ab0b398caddb6cdd4108c500859cf929358a98ed9bd6d0cb32a

Request headers

Referer: http://daily.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html
date: Tue, 09 Aug 2022 07:28:02 GMT
etag: W/"62f205f0-3b1a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 09 Aug 2022 07:00:00 GMT
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 09 Aug 2022 07:28:01 GMT
Location: https://kinoafisha.ua/widget/index.html
Server: nginx

GET
H/1.1 200
OK small_logotype.png
daily.com.ua/template/images/ 8 KB
8 KB 72ms
71ms Image
image/png 167.86.79.74
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://daily.com.ua/template/images/small_logotype.png
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/template/css/style_min.css?1660030081
Protocol: HTTP/1.1
Server: 167.86.79.74 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: daily.com.ua
Software: nginx /
Resource Hash: 51d88aa3c65e811a98d2584948ef45cc7b9f46299cb060fd2b5a6562a320b76e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/template/css/style_min.css?1660030081
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Mon, 03 Feb 2020 18:24:42 GMT
Server: nginx
ETag: "5e38656a-1f82"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8066
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo-t2.png
informers.sinoptik.ua/img/ 2 KB
3 KB 54ms
54ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://informers.sinoptik.ua/img/logo-t2.png
Requested by: Host: informers.sinoptik.ua
URL: http://informers.sinoptik.ua/css/informers.css?v=3
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 812b13056e0a955622e120865d2231dc2933ca37bb8aac942279cc41ec1d1d27

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://informers.sinoptik.ua/css/informers.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Server: nginx
ETag: "4e255d0a-98c"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2444
Expires: Wed, 09 Aug 2023 07:28:02 GMT

GET
H/1.1 200
OK hlc-t2.png
informers.sinoptik.ua/img/ 181 B
507 B 53ms
53ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://informers.sinoptik.ua/img/hlc-t2.png
Requested by: Host: informers.sinoptik.ua
URL: http://informers.sinoptik.ua/css/informers.css?v=3
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://informers.sinoptik.ua/css/informers.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Server: nginx
ETag: "4e255d0a-b5"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181
Expires: Wed, 09 Aug 2023 07:28:02 GMT

GET
H/1.1 200
OK term-t2.png
informers.sinoptik.ua/img/ 454 B
781 B 57ms
56ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://informers.sinoptik.ua/img/term-t2.png
Requested by: Host: informers.sinoptik.ua
URL: http://informers.sinoptik.ua/css/informers.css?v=3
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 79d7fe2f02f73e59b3ddd141a186e815624fb6a844196c57081268c2d0758266

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://informers.sinoptik.ua/css/informers.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Tue, 08 Feb 2011 14:13:40 GMT
Server: nginx
ETag: "4d514f94-1c6"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 454
Expires: Wed, 09 Aug 2023 07:28:02 GMT

GET
H/1.1 200
OK s-informers-t2.png
informers.sinoptik.ua/img/ 36 KB
36 KB 53ms
53ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://informers.sinoptik.ua/img/s-informers-t2.png
Requested by: Host: informers.sinoptik.ua
URL: http://informers.sinoptik.ua/css/informers.css?v=3
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 5f8a60a18e784c16174ab8616abd0a28fde829f0abb2362f9a917210b25033c5

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://informers.sinoptik.ua/css/informers.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Tue, 08 Feb 2011 14:13:40 GMT
Server: nginx
ETag: "4d514f94-8f64"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36708
Expires: Wed, 09 Aug 2023 07:28:02 GMT

GET
H/1.1 200
OK frc-t1.png
informers.sinoptik.ua/img/ 168 B
494 B 57ms
57ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://informers.sinoptik.ua/img/frc-t1.png
Requested by: Host: informers.sinoptik.ua
URL: http://informers.sinoptik.ua/css/informers.css?v=3
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 07531f638ff8480af382b964ee68d940250303fc0651aa31ae0670e43fb434b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://informers.sinoptik.ua/css/informers.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Server: nginx
ETag: "4e255d0a-a8"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168
Expires: Wed, 09 Aug 2023 07:28:02 GMT

GET
H/1.1 200
OK flc-t1.png
informers.sinoptik.ua/img/ 167 B
493 B 85ms
53ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://informers.sinoptik.ua/img/flc-t1.png
Requested by: Host: informers.sinoptik.ua
URL: http://informers.sinoptik.ua/css/informers.css?v=3
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 0ce777967d0e103cfcc1c12282103c3a7502400ad2fe769a866a2e2158956a2f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://informers.sinoptik.ua/css/informers.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Server: nginx
ETag: "4e255d0a-a7"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 167
Expires: Wed, 09 Aug 2023 07:28:02 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t57.6;r;s1600*1200*24;uhttp%3A//daily.com.ua/;0.5611446849701405
https://counter.yadro.ru/hit?t57.6;r;s1600*1200*24;uhttp%3A//daily.com.ua/;0.5611446849701405
https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttp%3A//daily.com.ua/;0.5611446849701405

911 B
1 KB

91ms
91ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttp%3A//daily.com.ua/;0.5611446849701405

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

07af4360c2212cdb2437994bbb1cb31c63d0811357f21593893ecf0214c21f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 07:28:02 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 911
Expires: Sun, 08 Aug 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 07:28:02 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t57.6;r;s1600*1200*24;uhttp%3A//daily.com.ua/;0.5611446849701405
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 08 Aug 2021 21:00:00 GMT

GET
H/1.1

200
OK

03.png
i.bigmir.net/cnt/
Redirect Chain

http://c.bigmir.net/?v120729&s119253&t3&c1&n770354&w0&y0&d24&r1600
http://i.bigmir.net/cnt/03.png

723 B
1 KB

215ms
85ms

Image
image/png

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/03.png
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Last-Modified: Sun, 02 Oct 2005 23:04:59 GMT
Server: nginx
ETag: "4340679b-2d3"
Content-Type: image/png
Cache-Control: max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 723
Expires: Fri, 12 Aug 2022 07:28:02 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 07:28:02 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/03.png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/ 340 KB
121 KB 214ms
98ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6436997084159592&plah=daily.com.ua&bust=31068844

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f1716b6134ab0e30a7e00a679e859fde8a4474521708142dd8bbac877e9bcf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122755
x-xss-protection: 0
server: cafe
etag: 15361467452127814797
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Aug 2022 07:28:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220804/r20190131/ Frame 23D5 10 KB
5 KB 188ms
54ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220804/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daily.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 26519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 00:06:03 GMT
etag: 8616628553774171045
expires: Tue, 23 Aug 2022 00:06:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

158 KB
56 KB

368ms
182ms

Script
application/javascript

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

69c02f544b87a917384825923fc6a04d560452dc5ed97d2b05b4db60fbcef171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: br
last-modified: Mon, 08 Aug 2022 11:59:56 GMT
etag: "62f0d08c-ddfe"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56830
expires: Tue, 09 Aug 2022 08:28:02 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 69 B
845 B 97ms
96ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_166003008210683
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tl24f8898071c13fa48bd347630d0d83af3685f525
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7bee515bff0734210ffb87d918567425b0e4b43356993e9ae2bba8fb1a5d3504

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 07:28:02 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 07 Jul 2022 09:15:31 GMT

GET
H2 200 MuPl-KSbkZV.css
static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/ Frame ED43 19 KB
5 KB 210ms
69ms Stylesheet
text/css 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/MuPl-KSbkZV.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDailyUA%2F237993666247094&width=335&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

750d4cf2f1d365e3c29ef6ae1e83d696ee230ff685eb7c7068d98fbc2c437454

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6Eq0JnQVOlFmMxshbJ1qhg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4891
x-fb-rlafr: 0
x-fb-debug: GY8lqxf9IewkfDHeLhg39s2tkncRHXHbHXJQXHVvFadqvarY2hTGkLx6dXQZ6E4rpbFNcCos1/yAb1gtn5jGlw==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 08 Aug 2023 15:41:34 GMT

GET
H2 200 KOrt6ooA_C5.css
static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/ Frame ED43 3 KB
1 KB 211ms
69ms Stylesheet
text/css 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/KOrt6ooA_C5.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c96fe319340305eec153f3bb6acaccbf5d35246cc0758a86c6183779a8b216a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hvode0haMC68lDBHksua0A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1195
x-fb-rlafr: 0
x-fb-debug: Sqa7hHpBY5ho3PsPRhMbRJXDGLU9/bZPEjE/H8Zkrjffh3+WS3ok8XHBx9al1WI8maamzv3leof80X535HWWXw==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 07 Aug 2023 15:43:40 GMT

GET
H2 200 RI5Ki3mPi72.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame ED43 320 KB
86 KB 212ms
70ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/RI5Ki3mPi72.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ecaefadad41efb3fb2dcc127d919af777b4f1de15254b69d8b1c89a52744b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sYtIdvJpFKzfzbH/vnqsWA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88180
x-fb-rlafr: 0
x-fb-debug: fRK0k/6bfsuVIqQo0VL+RsMcEOLqXszvNxLgJIIrEjMExODa3cqUPep4SJTGrAr5przqmLgtJ2xx0qgOhYiB7Q==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Aug 2023 18:54:44 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame ED43 5 KB
2 KB 212ms
71ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1657
x-fb-rlafr: 0
x-fb-debug: qi4c+/YminfEY5rizsUKoxIZpujZQm3+jQzavgkcDqbPW8//iTDleAsu1aAV+6e5iKkfvp5YsiCLIoinc0Suzg==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 06 Aug 2023 04:48:12 GMT

GET
H2 200 Nwy6sCQlQHc.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame ED43 38 KB
12 KB 212ms
71ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/Nwy6sCQlQHc.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

593fa553d116f4269a8fc8b7fc11dc49efdb71da04c896b6e5872841c5ffa2d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gGCr/wNTBczQB/gXHhl0Fg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12174
x-fb-rlafr: 0
x-fb-debug: MoEA43Bn21+aCrifvdKFPUXL4rbYzTDzxdKzbXrmGLk/c5xuGLb3BVdmf43vGhumepCXPDgDXrGw9r+6kEvSJw==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 03 Aug 2023 06:27:18 GMT

GET
H2 200 xC6UV9vW9nN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame ED43 52 KB
16 KB 360ms
219ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/xC6UV9vW9nN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d840ef1927c7aad49210faefc97f7005e3862dd4853cded03388216c009f01a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NzYsclW6SE+LKLuYhprflQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 16330
x-fb-rlafr: 0
x-fb-debug: XxhkhzTZsdyIq+qtMZhoaxS9OJjR/PF01ewkxL6tvlOM38hyS2uMI/+HKsxdxToK5rNuCdbg78Q2nB6uYKFtrg==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Aug 2023 20:37:49 GMT

GET
H2 200 www3MD-5s6n.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yy/l/en_GB/ Frame ED43 80 KB
22 KB 361ms
220ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yy/l/en_GB/www3MD-5s6n.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

813742ece69b96caabce154a4e3368c9e7c4b963cfb30c72f38206d712a83693

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RnAzEjLcrTpkaPuFm7YXAg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 22372
x-fb-rlafr: 0
x-fb-debug: E2zPF38l14Zz4M0skB2kIF8LgHDnz44WR6W5dyfM67J+P69U6dl3NJ0BG3XQyIe6lcKtU3XW9zTTR4g+jnn+9g==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:54:44 GMT

GET
H2 200 ka_logo_ru.png
kinoafisha.ua/themes/kino/images/widget/ Frame 9ABE 2 KB
2 KB 57ms
56ms Image
image/png 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/themes/kino/images/widget/ka_logo_ru.png
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 3f660930fae4b2fb29a4f44e1442943d342c58ef693250c688dd36ba77313a0d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Mon, 04 Apr 2016 13:52:24 GMT
server: nginx
etag: "57027198-8f1"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2289
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 9755.jpg
kinoafisha.ua/upload/widget/ Frame 9ABE 17 KB
17 KB 57ms
57ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/widget/9755.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 27ef13ff7c304e4859d40e9f35c30bb5b93e92f3d0cd49df881ac01505c07702

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Tue, 09 Aug 2022 07:00:00 GMT
server: nginx
etag: "62f205f0-4288"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 17032
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 9847.jpg
kinoafisha.ua/upload/widget/ Frame 9ABE 19 KB
19 KB 105ms
103ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/widget/9847.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2d497ee2ad8ed5061744e373dc5e92ec902296a931f9c61a5ff9edb15751c60a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Tue, 09 Aug 2022 07:00:00 GMT
server: nginx
etag: "62f205f0-4a83"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 19075
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 9718.jpg
kinoafisha.ua/upload/widget/ Frame 9ABE 18 KB
18 KB 157ms
155ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/widget/9718.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1eb089c1d88e2a94b8be5d8f49131c374e98177ea20396f15a6c7d473cdccb74

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Tue, 09 Aug 2022 07:00:00 GMT
server: nginx
etag: "62f205f0-4803"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 18435
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 9459.jpg
kinoafisha.ua/upload/widget/ Frame 9ABE 11 KB
11 KB 157ms
156ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/widget/9459.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 06c815ec4f02cf06081b0112dd5384e58abc70e2ce99c1cf0f0f98507eb205ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Tue, 09 Aug 2022 07:00:00 GMT
server: nginx
etag: "62f205f0-2a9f"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10911
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 9783.jpg
kinoafisha.ua/upload/widget/ Frame 9ABE 19 KB
20 KB 158ms
156ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/widget/9783.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5c14abff0794b529b27ff0252535fc223fb8648e4e1cc4425696cef249114e3b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Tue, 09 Aug 2022 07:00:00 GMT
server: nginx
etag: "62f205f0-4d44"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 19780
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 9765.jpg
kinoafisha.ua/upload/widget/ Frame 9ABE 15 KB
15 KB 158ms
157ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/widget/9765.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: eef89d3626c0833910fb6a09deec3419023d739123dc619bd405289f6cafd49c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Tue, 09 Aug 2022 07:00:00 GMT
server: nginx
etag: "62f205f0-3a3c"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 14908
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 9607.jpg
kinoafisha.ua/upload/widget/ Frame 9ABE 12 KB
12 KB 158ms
157ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/widget/9607.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: eb2d83f60e9e9bfbaa239ad10ff98f7021b1544413954e90cc946d3fb6b73330

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Tue, 09 Aug 2022 07:00:01 GMT
server: nginx
etag: "62f205f1-2fc2"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12226
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 slidr.min.js Show response
kinoafisha.ua/themes/kino/js/widget/ Frame 9ABE 20 KB
8 KB 104ms
102ms Script
application/javascript 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://kinoafisha.ua/themes/kino/js/widget/slidr.min.js
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 66fea73d9e7d51cb3cee97b19bb3e8d2e874e966768650223816ace7a346683e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: gzip
last-modified: Fri, 25 Sep 2015 12:07:10 GMT
server: nginx
etag: W/"560538ee-50d4"
content-type: application/javascript
cache-control: max-age=2678400
expires: Fri, 09 Sep 2022 07:28:02 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 296 KB
84 KB 142ms
68ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=935cb026d57d44b2c3b1a033d1f84b80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

041381110b8956b02393648248133f4e081072c2e77dadf064c02977e6010e07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://daily.com.ua/
Origin: http://daily.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: RDKOQOci7ecIReqMKuWqyw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86383
x-fb-rlafr: 0
x-fb-debug: KmQwyHe8x8hOfW889yOU9qGisEJudzEikzJoHnV7y4H8VrS9cvM85ZYti1tXyjEuPhPWVpM+dBS6Usl8KMWSOg==
x-fb-content-md5: 1510ad4895c2522110f2b2af2d3291be
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 09 Aug 2022 07:28:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e04cc5d107a4056b8b239588d868fae4"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 09 Aug 2023 06:47:43 GMT

GET
H2 200 ka_body_bg.png
kinoafisha.ua/themes/kino/images/widget/ Frame 9ABE 1 KB
2 KB 147ms
147ms Image
image/png 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/themes/kino/images/widget/ka_body_bg.png
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: cd7a44259f2ada9275d5d33217bc34992508aad1f8ef9669ecc3f831d350306c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Fri, 25 Sep 2015 12:07:10 GMT
server: nginx
etag: "560538ee-5bf"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1471
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 ka_top_bg.png
kinoafisha.ua/themes/kino/images/widget/ Frame 9ABE 476 B
648 B 148ms
147ms Image
image/png 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/themes/kino/images/widget/ka_top_bg.png
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: b8a82f0c06c481c135c6bf1c40b24227dab03e80ffe9931513b02b59e964907f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Fri, 25 Sep 2015 12:07:10 GMT
server: nginx
etag: "560538ee-1dc"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 476
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 ka_btn.png
kinoafisha.ua/themes/kino/images/widget/ Frame 9ABE 396 B
568 B 148ms
147ms Image
image/png 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/themes/kino/images/widget/ka_btn.png
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 14a28580c1ce910d6804d0d600c4a218a52a14f06b42afb17242e691788fb9b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Fri, 25 Sep 2015 12:07:10 GMT
server: nginx
etag: "560538ee-18c"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 396
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 61203978_2365635960149510_1138088813575274496_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-9/ Frame ED43 20 KB
20 KB 69ms
68ms Image
image/jpeg 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-9/61203978_2365635960149510_1138088813575274496_n.jpg?stp=dst-jpg_s370x247&_nc_cat=109&ccb=1-7&_nc_sid=dd9801&_nc_ohc=UfV9LxL24hgAX-YcVLK&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AT8cHXzsfD11z0zo_pdJGYQTuxV_oudCjI-rTAeOx6tvFA&oe=63181DA8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDailyUA%2F237993666247094&width=335&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ee1b4edc04e36bd940cb5e1ff312ef440e3e63a64a1a465ed4fb4c56a8199866

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 270371614
date: Tue, 09 Aug 2022 07:28:02 GMT
x-fb-trip-id: 720026100
last-modified: Mon, 27 May 2019 09:27:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2730977471
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 794129596
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20372

GET
H2 200 10448735_745336885512767_4152228531914987152_n.jpg
scontent.xx.fbcdn.net/v/t1.18169-1/ Frame ED43 1 KB
1 KB 94ms
93ms Image
image/jpeg 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.18169-1/10448735_745336885512767_4152228531914987152_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=111&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=RpyHs1QdzksAX_FsN7c&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AT-P7BY2vNGUwTOobeB3Th8BO5Xhcdf73osfW2pKQdkHRg&oe=63182773
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FDailyUA%2F237993666247094&width=335&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ffba890ffcd30127c0df11d757c8c650269d8e6588e2a910f3aad48dfcc55bdb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3248146673
date: Tue, 09 Aug 2022 07:28:02 GMT
x-fb-trip-id: 720026100
last-modified: Thu, 17 Jul 2014 13:11:39 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=940391536
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2647165521
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1156

GET
H2 200 fp.min.js Show response
fixidle.com/js/ 16 KB
6 KB 325ms
59ms Script
application/javascript 159.69.174.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/js/fp.min.js
Requested by: Host: goods.redtram.com
URL: https://goods.redtram.com/j/23238/?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: a38a07bfb7205ca9d5208ce1b87b2e940e2729380acb97453ca398e6e27f7dfa

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/javascript

GET
H2 200 ka_arr_l_bg.png
kinoafisha.ua/themes/kino/images/widget/ Frame 9ABE 280 B
452 B 93ms
92ms Image
image/png 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/themes/kino/images/widget/ka_arr_l_bg.png
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: ecb4595e3f2e5c25bd43414ceb3f08779fb0efc0b111d6aed2b669c854c4d961

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Fri, 25 Sep 2015 12:07:10 GMT
server: nginx
etag: "560538ee-118"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 280
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2 200 ka_arr_r_bg.png
kinoafisha.ua/themes/kino/images/widget/ Frame 9ABE 274 B
446 B 93ms
93ms Image
image/png 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/themes/kino/images/widget/ka_arr_r_bg.png
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: a895055a2eec72b5eb8f7826723a62966bb210c2154ae8f02da45bc482da8d64

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kinoafisha.ua/widget/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Fri, 25 Sep 2015 12:07:10 GMT
server: nginx
etag: "560538ee-112"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 274
expires: Tue, 16 Aug 2022 07:28:02 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

169ms
53ms

Script
text/javascript

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1562
date: Tue, 09 Aug 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Aug 2022 09:02:00 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK ok9.js Show response
odnaknopka.ru/ 143 B
379 B 181ms
58ms Script
text/javascript 142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://odnaknopka.ru/ok9.js
Requested by: Host: c.her-ber.top
URL: https://c.her-ber.top/pzi/4994
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
ETag: 4ee1d26cd177c92f47a1c6965c4d7bd9
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 139ms
68ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=364228721085254&ev=fb_page_view&dl=http%3A%2F%2Fdaily.com.ua%2F&rl=&if=false&ts=1660030082451&sw=1600&sh=1200&at=

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 09 Aug 2022 07:28:02 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame ED43 573 B
628 B 139ms
68ms Image
image/png 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/MuPl-KSbkZV.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/MuPl-KSbkZV.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: N0RA9eEM0npkiy32FKsu9KdQNu6VHO+cVNXZZWYM6oEE2KikwyMet1PYM3LS95qpKSSWhpD8Wz0+hfIuIyBonQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sun, 06 Aug 2023 18:58:59 GMT

GET
H3 200 udGrGZmnkeP.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame ED43 22 KB
7 KB 68ms
68ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/udGrGZmnkeP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/RI5Ki3mPi72.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

72c0a71edbb9542e13bd1b95045d742d7acee3ce8f78aa51399f61cee7e492fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9/1BV1sP73df0/E1dlv9rg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7224
x-fb-rlafr: 0
x-fb-debug: 3AtNzsRTwgbhLm2x3Qn8NIg5jZK34ld4X7A46OThyk8gwhYdC1k11dH3eVqid4jvW3b/QmgJE+ZW8XMAjNZdMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 05 Aug 2023 21:13:36 GMT

GET
H/1.1 200
OK stat.js Show response
odnaknopka.ru/ 779 B
968 B 61ms
60ms Script
application/javascript 142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://odnaknopka.ru/stat.js
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/ok9.js
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4004dc11edac5c0be9d7723d6df788ad9670d3c1243a71f8f3e8ed64649462b0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 07:28:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 171ms
61ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1352763636&t=pageview&_s=1&dl=http%3A%2F%2Fdaily.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20DailyUA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=658674919&gjid=2123717906&cid=652463994.1660030083&tid=UA-52925374-1&_gid=201914646.1660030083&_r=1&_slc=1&z=662655915

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daily.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://daily.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/ Show response
hlmiq.com/vu/a/ Frame E003
Redirect Chain

https://resistcorrectly.com/stat
https://hlmiq.com/vu/a/

187 B
379 B

191ms
59ms

Document
text/html

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlmiq.com/vu/a/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6365b2973ebde8d5823cbf8801a7960fea48cc84ad8ea8fb8b6facac48c23cbe

Request headers

Referer: http://daily.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Aug 2022 07:28:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Aug 2022 07:28:02 GMT
Location: https://hlmiq.com/vu/a/
Server: nginx/1.12.2
Transfer-Encoding: chunked

GET
H2

200

continuation_default.htm Show response
sale.aliexpress.ru/ru/__pc/ Frame BA1C
Redirect Chain

https://powered-by-revidy.com/a
https://s.click.aliexpress.com/e/_AtqYLP?af=a;5716&cn=-&cv=765823&dp=82.199.130.45
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_At...
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%265716%26cn%3D-%26cv%3D765823%26dp%3D82.199.130.45%26aff...
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=b96d9e4b3b314ff2b5e050ca8720d09a&xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%265716...
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_At...

15 KB
5 KB

104ms
104ms

Document
text/html

47.246.133.89
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a

Requested by

Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

47.246.133.89 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Tengine /

Resource Hash

4cbc50b868354039b7452633b5b5aaa7d0c25d72b0251b797bee708fc59e0299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daily.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-transform,public,max-age=90,s-maxage=120
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 09 Aug 2022 07:28:06 GMT
eagleeye-traceid: 211675d216600300864332757eb842
p3p: CP="CAO PSA OUR"
server: Tengine
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

content-language: en-US
content-length: 0
content-type: text/html;charset=UTF-8
date: Tue, 09 Aug 2022 07:28:06 GMT
eagleeye-traceid: 211675d216600300863302753eb842
location: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
p3p: CP="CAO PSA OUR"
server: Tengine
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
644 B 194ms
62ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=daily.com.ua&callback=_gfp_s_&client=ca-pub-6436997084159592

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6436997084159592&plah=daily.com.ua&bust=31068844

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9f1324e925fa03e159f25c348e2ed38364a6b8ff802375ccd0137cf6e213cf64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 192ms
63ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=daily.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 194ms
63ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=daily.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4433 134 KB
43 KB 342ms
233ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5109cc123e47efd6097f4cd8c4ca7cb19f0ae867958d764b9856e759d42d2d84

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_-o_udufkCFeiIgwcde04MAA&gqi=ggzyYvLgOJil3wP84JmQCg&layout=/sadbundle/%24csp%253Der3%24/863300823173379816/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daily.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43904
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_-o_udufkCFeiIgwcde04MAA&gqi=ggzyYvLgOJil3wP84JmQCg&layout=/sadbundle/%24csp%253Der3%24/863300823173379816/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 07:28:03 GMT
expires: Tue, 09 Aug 2022 07:28:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 collector.js Show response
fixidle.com/js/ 9 KB
2 KB 59ms
59ms Script
application/javascript 159.69.174.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/js/collector.js?rtuid=d776858a82ab00983e6b88f01889aa6a&code=goods&v=1660030082802
Requested by: Host: goods.redtram.com
URL: https://goods.redtram.com/j/23238/?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: b22d9bcc5dff4c30b8b0426a19a7b2aa38c7361a549632bf2df804fce74746f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: application/javascript

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C4B 113 KB
41 KB 961ms
870ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=280&slotname=7110126662&adk=2325384854&adf=3055432483&pi=t.ma~as.7110126662&w=335&lmt=1660030082&rafmt=12&psa=0&format=335x280&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081972&bpp=1&bdt=550&idt=831&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1040x120&correlator=4908926299614&frm=20&pv=1&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=965&ady=332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QZkLJF0mmF&p=http%3A//daily.com.ua&dtd=834

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58299fed1523c6b92ea3732cdd036b781eaee5b60941f6b4e9b8a014b56341b5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNiMpfudufkCFbFJHgIdP6AC6w&gqi=ggzyYuriOKmOjuwP_vqH-Ao&layout=/sadbundle/%24csp%253Der3%24/3256062220522308903/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daily.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 41834
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNiMpfudufkCFbFJHgIdP6AC6w&gqi=ggzyYuriOKmOjuwP_vqH-Ao&layout=/sadbundle/%24csp%253Der3%24/3256062220522308903/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 07:28:03 GMT
expires: Tue, 09 Aug 2022 07:28:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D07 0
19 B 143ms
64ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&adk=1812271804&adf=3025194257&lmt=1660030082&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdaily.com.ua%2F&ea=0&pra=7&wgl=1&easpf=1&easpi=1&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&dt=1660030082415&bpp=1&bdt=993&idt=396&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1040x120%2C335x280&nras=1&correlator=4908926299614&frm=20&pv=1&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=402

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daily.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 07:28:02 GMT
expires: Tue, 09 Aug 2022 07:28:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
goods.redtram.com/g/ 10 KB
3 KB 67ms
67ms Script
text/javascript 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://goods.redtram.com/g/?i=23238&ver=2&srv=128&f=jsonobj&ref2=&idn=udmel&lng=&rtuid=d776858a82ab00983e6b88f01889aa6a&wl=http%3A%2F%2Fdaily.com.ua%2F
Requested by: Host: goods.redtram.com
URL: https://goods.redtram.com/j/23238/?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: cffd1a2fecadc14e0be345403a81b7da7757898f05a7c5cd0cbd6e7df3f90788

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:02 GMT
content-encoding: gzip
server: nginx/1.18.0
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-upstream: 10.1.4.34:9005
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
expires: Mon, 25 Apr 1986 22:23:46 GMT

POST
H2 200 / Show response
fixidle.com/ 61 B
153 B 188ms
63ms XHR
application/json 159.69.174.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fixidle.com/?v=16600300828730.41023956289332153
Requested by: Host: fixidle.com
URL: https://fixidle.com/js/collector.js?rtuid=d776858a82ab00983e6b88f01889aa6a&code=goods&v=1660030082802
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 058f7d6bba6cf6f71ae4cc366f666c8bff18f5ce2e4ded5329e5771b45129a99

Request headers

Referer: http://daily.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 09 Aug 2022 07:28:03 GMT
server: nginx/1.18.0
content-type: application/json;

GET
H2 200 redtram Show response
trafmag.com/ 0
125 B 155ms
50ms Script
text/javascript 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://trafmag.com/redtram?data=eyJyZXF1ZXN0VXVpZCI6IjU2NWMwYWQ0LWRjYTQtNGFkMy1hOWRlLTc0MTI5YjZhNDkwYyIsInNpdGVJZCI6MTMyMDUsInRpY2tlcklkIjoyMzIzOCwicmF0ZXMiOlswLjAyNDksMC4wMjQ5LDAuMDI0OV0sImluZm9ybWVyV2lkdGgiOjMzNSwiaW1hZ2VTaXplIjoyMDAsImlkbiI6InVkbWVsIiwib3NJZCI6MCwibWFya2V0SWQiOjI1NTM1LCJnb29kSWQiOjE3OTMxOTgsImlhYiI6WyJJQUIyIiwiSUFCOS03IiwiSUFCMTgtNCIsIklBQjE5LTE3IiwiSUFCMSIsIklBQjE3LTEzIiwiSUFCMjAiLCJJQUI2LTIiLCJJQUI3LTQ0IiwiSUFCMTYiLCJJQUIxNC0xIiwiSUFCOS0zMCIsIklBQjMiLCJJQUIyMi00IiwiSUFCMS0xIiwiSUFCMTkiLCJJQUIxOC0xIiwiSUFCMjItNCIsIklBQjktOSIsIklBQjEwLTciLCJJQUI3IiwiSUFCMjItNCIsIklBQjE5LTYiLCJJQUI3LTMxIiwiSUFCOS0xNiIsIklBQjIxIiwiSUFCNy0zMSIsIklBQjEyIiwiSUFCNSIsIklBQjE4LTUiLCJJQUIzIiwiSUFCMyIsIklBQjE3LTE4IiwiSUFCMTkiLCJJQUIxOC02IiwiSUFCMTAtNyIsIklBQjE5LTI5IiwiSUFCOCIsIklBQjQiLCJJQUIxMC00IiwiSUFCMjItNCIsIklBQjI0IiwiSUFCMjAtMSIsIklBQjEwLTkiLCJJQUIzIiwiSUFCMTkiLCJJQUIxMiIsIklBQjEwIiwiSUFCMTgtMSIsIklBQjEzIiwiSUFCOS0yMyIsIklBQjE4LTYiLCJJQUIxOC0zIiwiSUFCMTgtNCJdfQ%3D%3D&ref=http%3A%2F%2Fdaily.com.ua%2F&rtuid=d776858a82ab00983e6b88f01889aa6a

Requested by

Host: goods.redtram.com
URL: https://goods.redtram.com/j/23238/?v=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:03 GMT
server: nginx
content-type: text/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
p3p: CP="NON DSP COR CURa TIA"

GET
H2 204 kadam Show response
rtb.redtram.com/ 0
199 B 121ms
99ms Script
text/plain 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.redtram.com/kadam?data=eyJyZXF1ZXN0VXVpZCI6IjU2NWMwYWQ0LWRjYTQtNGFkMy1hOWRlLTc0MTI5YjZhNDkwYyIsInNpdGVJZCI6MTMyMDUsInRpY2tlcklkIjoyMzIzOCwicmF0ZXMiOlswLjAyNDksMC4wMjQ5LDAuMDI0OV0sImluZm9ybWVyV2lkdGgiOjMzNSwiaW1hZ2VTaXplIjo0MDAsImlkbiI6InVkbWVsIiwib3NJZCI6MCwibWFya2V0SWQiOjI1Njc1LCJnb29kSWQiOjE3OTc2OTQsImlhYiI6WyJJQUIyIiwiSUFCOS03IiwiSUFCMTgtNCIsIklBQjE5LTE3IiwiSUFCMSIsIklBQjE3LTEzIiwiSUFCMjAiLCJJQUI2LTIiLCJJQUI3LTQ0IiwiSUFCMTYiLCJJQUIxNC0xIiwiSUFCOS0zMCIsIklBQjMiLCJJQUIyMi00IiwiSUFCMS0xIiwiSUFCMTkiLCJJQUIxOC0xIiwiSUFCMjItNCIsIklBQjktOSIsIklBQjEwLTciLCJJQUI3IiwiSUFCMjItNCIsIklBQjE5LTYiLCJJQUI3LTMxIiwiSUFCOS0xNiIsIklBQjIxIiwiSUFCNy0zMSIsIklBQjEyIiwiSUFCNSIsIklBQjE4LTUiLCJJQUIzIiwiSUFCMyIsIklBQjE3LTE4IiwiSUFCMTkiLCJJQUIxOC02IiwiSUFCMTAtNyIsIklBQjE5LTI5IiwiSUFCOCIsIklBQjQiLCJJQUIxMC00IiwiSUFCMjItNCIsIklBQjI0IiwiSUFCMjAtMSIsIklBQjEwLTkiLCJJQUIzIiwiSUFCMTkiLCJJQUIxMiIsIklBQjEwIiwiSUFCMTgtMSIsIklBQjEzIiwiSUFCOS0yMyIsIklBQjE4LTYiLCJJQUIxOC0zIiwiSUFCMTgtNCJdfQ%3D%3D&ref=http%3A%2F%2Fdaily.com.ua%2F&rtuid=d776858a82ab00983e6b88f01889aa6a
Requested by: Host: goods.redtram.com
URL: https://goods.redtram.com/j/23238/?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Aug 2022 07:28:02 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 adpartner Show response
rtb.redtram.com/ 0
199 B 107ms
86ms Script
text/plain 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.redtram.com/adpartner?data=eyJyZXF1ZXN0VXVpZCI6IjU2NWMwYWQ0LWRjYTQtNGFkMy1hOWRlLTc0MTI5YjZhNDkwYyIsInNpdGVJZCI6MTMyMDUsInRpY2tlcklkIjoyMzIzOCwicmF0ZXMiOlswLjAyNDksMC4wMjQ5LDAuMDI0OV0sImluZm9ybWVyV2lkdGgiOjMzNSwiaW1hZ2VTaXplIjo0MDAsImlkbiI6InVkbWVsIiwib3NJZCI6MCwibWFya2V0SWQiOjI2NDQxLCJnb29kSWQiOjIxMTIyMDYsImlhYiI6WyJJQUIyIiwiSUFCOS03IiwiSUFCMTgtNCIsIklBQjE5LTE3IiwiSUFCMSIsIklBQjE3LTEzIiwiSUFCMjAiLCJJQUI2LTIiLCJJQUI3LTQ0IiwiSUFCMTYiLCJJQUIxNC0xIiwiSUFCOS0zMCIsIklBQjMiLCJJQUIyMi00IiwiSUFCMS0xIiwiSUFCMTkiLCJJQUIxOC0xIiwiSUFCMjItNCIsIklBQjktOSIsIklBQjEwLTciLCJJQUI3IiwiSUFCMjItNCIsIklBQjE5LTYiLCJJQUI3LTMxIiwiSUFCOS0xNiIsIklBQjIxIiwiSUFCNy0zMSIsIklBQjEyIiwiSUFCNSIsIklBQjE4LTUiLCJJQUIzIiwiSUFCMyIsIklBQjE3LTE4IiwiSUFCMTkiLCJJQUIxOC02IiwiSUFCMTAtNyIsIklBQjE5LTI5IiwiSUFCOCIsIklBQjQiLCJJQUIxMC00IiwiSUFCMjItNCIsIklBQjI0IiwiSUFCMjAtMSIsIklBQjEwLTkiLCJJQUIzIiwiSUFCMTkiLCJJQUIxMiIsIklBQjEwIiwiSUFCMTgtMSIsIklBQjEzIiwiSUFCOS0yMyIsIklBQjE4LTYiLCJJQUIxOC0zIiwiSUFCMTgtNCJdfQ%3D%3D&ref=http%3A%2F%2Fdaily.com.ua%2F&rtuid=d776858a82ab00983e6b88f01889aa6a
Requested by: Host: goods.redtram.com
URL: https://goods.redtram.com/j/23238/?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Aug 2022 07:28:02 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9725.8pfQ72uDWO2jA-N3ZXCqXgHOuhVsPF9gPzpOa_t0eeA2m0CHTtMCMU2usHRZJz39.b6NYam1fmtulZb-EC5H8rGM4rVI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9725.sDa_jZsS9SzUR_c6NqiDUrxUfgERsMTvkwm7rA3zLRHneDz2PSzUPBTZYCJGvI4yyDKN0U_rKEyRq5L8B-Jhfw%2C%2C.OFMQ7RvRf8VMJWT9ZGAFo453roY%2C

75 B
75 B

95ms
95ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9725.sDa_jZsS9SzUR_c6NqiDUrxUfgERsMTvkwm7rA3zLRHneDz2PSzUPBTZYCJGvI4yyDKN0U_rKEyRq5L8B-Jhfw%2C%2C.OFMQ7RvRf8VMJWT9ZGAFo453roY%2C

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:03 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9725.sDa_jZsS9SzUR_c6NqiDUrxUfgERsMTvkwm7rA3zLRHneDz2PSzUPBTZYCJGvI4yyDKN0U_rKEyRq5L8B-Jhfw%2C%2C.OFMQ7RvRf8VMJWT9ZGAFo453roY%2C
date: Tue, 09 Aug 2022 07:28:03 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 92ms
91ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:03 GMT
last-modified: Mon, 08 Aug 2022 11:59:56 GMT
etag: "62f0d08c-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Aug 2022 08:28:03 GMT

GET
H/1.1 200
OK / Show response
hlmiq.com/vu/a/ Frame DCA0 3 KB
2 KB 60ms
60ms Document
text/html 142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlmiq.com/vu/a/?
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: af3cd664e57921690e5bd8b343724391726ba74be3270347ec3e7eab3a88f469

Request headers

Referer: https://hlmiq.com/vu/a/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Aug 2022 07:28:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/ Frame 1ABC 15 KB
5 KB 236ms
104ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be0344d75b745d68b487f4e0f5024ee147dd866fabc75df27ec7e3680f1c1508

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=0
content-encoding: gzip
content-length: 3887
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Aug 2022 06:33:06 GMT
expires: Tue, 09 Aug 2022 06:33:06 GMT
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 44DE 0
0 100ms
100ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CorSBggzyYt-1OeiRjuwP-5wxhImZy2vN0cuBlxCNsZbkkjEQASD_m8kkYJUCoAGyisGqAcgBCakC8t9rKPQaqj6oAwHIA0iqBOoBT9DRjpoEjrvkmqq07blcb9lyM6oqEwVxZ-zj5O-03hKsSv7B-MtZhTYWkl-eg5N0pldFZio_2yPk8OEkHDyJzzQPQhc419lUAZsz3DMRvzKyLshGuh3safDEReUzsNjwbwu3gVLoRThNumZr-hKuvKJDcI6sD5XYp7GilM460PpC-QpVFizGvEGDxerQdAPveL9PibHJXa1GxibFmYclnnKThC6Fd8-j-a2Lslq9WkyXvQH03f4CaIX3qzFlhQ4dGAyBPVVTaIbIf6DsDSzP63d9qjIdT1ZQ6UFWEPRgGO62UFnBowXw5IBFwATukPjzlASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDP3wHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi02NDM2OTk3MDg0MTU5NTkyGAA&sigh=3-9tabU405M&uach_m=[UACH]&template_id=419

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 09 Aug 2022 07:28:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 09 Aug 2022 07:28:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame 44DE 23 KB
10 KB 183ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
server: cafe
etag: 13823643058518418725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 07:16:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 44DE 3 KB
1 KB 199ms
70ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 06:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 06:56:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 44DE 17 KB
8 KB 191ms
62ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 06:51:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 06:51:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44DE 140 KB
44 KB 200ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 07:28:03 GMT

GET
H2 200 / Show response
iqbroker.com//lp/ultimate-trading/ Frame DCA0 0
0 223ms
60ms Script
text/html 185.117.134.138
IQOPTION

General

Check archive.org

Show headers Download Go to

Full URL: https://iqbroker.com//lp/ultimate-trading/?active=forex2&aff=7792
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.117.134.138 , Cyprus, ASN204006 (IQOPTION, CY),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 j19u1ne5 Show response
offer.alibaba.com/cps/ Frame DCA0 0
0 1103ms
373ms Script
text/html 104.111.243.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=718f31ddbd9192dfd18bc2cc51353442&pid=656490
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

signup Show response
referral.crypto.com/ Frame DCA0
Redirect Chain

https://crypto.com/app/8mk2bghn8f
https://platinum.crypto.com/r/8mk2bghn8f
https://get.mona.co/1mLxRmFn1bb
https://monaco.app.link/1mLxRmFn1bb?_p=c81629c3910b7af1e11d90f9ed
https://app.mona.co/referral/fallback?_branch_match_id=1085451725016123548&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT08t0cvNz0vUS87XN8z1qQjKdcszTEoCAE64N64fAAAA
https://referral.crypto.com/signup?_branch_match_id=1085451725016123548

0
0

332ms
316ms

Script
text/html

2606:4700::6812:713a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://referral.crypto.com/signup?_branch_match_id=1085451725016123548
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 2606:4700::6812:713a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Aug 2022 07:28:05 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
location: https://referral.crypto.com/signup?_branch_match_id=1085451725016123548
x-xss-protection: 1; mode=block
x-request-id: 1ef618b1-ae1b-4e77-8409-5704506da42a
x-runtime: 0.006373
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/html; charset=utf-8
pragma: no-cache
cache-control: no-cache, no-store
cf-ray: 737ec5dea9a27541-LHR
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
freebitco.in/signup/ Frame DCA0
Redirect Chain

https://freebitco.in/?r=3669689
https://freebitco.in/signup/?op=s&r=3669689

0
0

60ms
60ms

Script
text/html

104.22.6.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freebitco.in/signup/?op=s&r=3669689
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 104.22.6.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Aug 2022 07:28:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1
location: https://freebitco.in/signup/?op=s&r=3669689
cache-control: max-age=0
cf-ray: 737ec5d4fa459112-FRA
expires: Tue, 09 Aug 2022 07:28:03 GMT

GET
H2 200 Home.do Show response
www.rentalcars.com/ Frame DCA0 0
0 437ms
324ms Script
text/html 104.16.106.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rentalcars.com/Home.do?affiliateCode=citylab&preflang=ru&adplat=rclink&adcamp=5hnZ1WStFXZe3gk&utm_source=ca&aip=1jf&click_id=5hnZ1WStFXZe3gk
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.106.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

/ Show response
www.ebay.com/ Frame DCA0
Redirect Chain

https://adsexample.com/to2/uatest/
https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=62f20c47c5b37600019f0925_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true

0
0

559ms
283ms

Script
text/html

23.47.213.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=62f20c47c5b37600019f0925_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 23.47.213.49 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Location: https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=62f20c47c5b37600019f0925_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true
Date: Tue, 09 Aug 2022 07:28:03 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
www.miniinthebox.com/ Frame DCA0 0
0 1072ms
571ms Script
text/html 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=z1IQeKxHcxyNTrZ1y%3AR0UV8aUkDyshQGXUjWwE0&irgwc=1
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

/ Show response
my28.roboforex.org/en/login/ Frame DCA0
Redirect Chain

https://rbfxdirect.com/ru/lk/?a=zkeb
https://my28.roboforex.org/ru/?a=zkeb
https://my28.roboforex.org/en/?a=zkeb
https://my28.roboforex.org/en/
https://my28.roboforex.org/en/login/

0
0

276ms
276ms

Script
text/html

167.71.140.86
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://my28.roboforex.org/en/login/
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: HTTP/1.1
Server: 167.71.140.86 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 09 Aug 2022 07:28:03 GMT
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html; charset=utf-8
Location: https://my28.roboforex.org/en/login/
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
X-App-Rbfx: LK
Content-Security-Policy: frame-ancestors 'self' http://webvisor.com http://*.webvisor.com https://*.roboforex.com https://*.roboforexcn.com https://*.roboforexcn.org https://*.roboforex-cn.org https://*.roboforex.org https://*.umstel.com https://*.robo-id.com;
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
www.lightinthebox.com/ Frame DCA0 0
0 922ms
419ms Script
text/html 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=UExR7RxHpxyNTrZ1y%3AR0UV8aUkDyC52OXUjWwE0&irgwc=1
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

/ Show response
chaturbate.com/kathariine/ Frame DCA0
Redirect Chain

https://chaturbate.com/in/?track=default&tour=hr8m&campaign=sgo1n
https://chaturbate.com/toproom/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0
https://chaturbate.com/kathariine/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0

0
0

313ms
313ms

Script
text/html

2606:4700::6812:6528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chaturbate.com/kathariine/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H3
Server: 2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Aug 2022 07:28:03 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
content-language: en
location: /kathariine/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
cf-ray: 737ec5d64b14891e-LHR

GET
H3

200

ru Show response
paxful.com/ Frame DCA0
Redirect Chain

https://paxful.com/ru/?r=GzdvAoGWyQA
https://paxful.com/ru?r=GzdvAoGWyQA

0
0

528ms
478ms

Script
text/html

2606:4700::6811:3b3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paxful.com/ru?r=GzdvAoGWyQA
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H3
Server: 2606:4700::6811:3b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Aug 2022 07:28:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://paxful.com/ru?r=GzdvAoGWyQA
cache-control: max-age=3600
cf-ray: 737ec5d63c6c889b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 Aug 2022 08:28:03 GMT

GET
H2

200

/ Show response
www.exness.uk/ Frame DCA0
Redirect Chain

https://www.exness.com/a/vps0b6j3
https://www.exness.com/?utm_source=partners&_8f4x=1
https://www.exness.uk/?utm_source=partners&_8f4x=1

0
0

206ms
55ms

Script
text/html

45.60.78.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exness.uk/?utm_source=partners&_8f4x=1
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 45.60.78.64 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://www.exness.uk/?utm_source=partners&_8f4x=1
x-iinfo: 12-178335261-178335274 PNNy RT(1660030083689 173) q(0 0 0 -1) r(0 0) U11
cache-control: no-cache
x-cdn: Imperva
content-length: 0

GET
H2

200

/ Show response
ch.hotels.com/ Frame DCA0
Redirect Chain

https://resistcorrectly.com/w
https://hlmiq.com/to2/hotels.ch/
https://de.hotels.com/?locale=de_CH&pos=HCOM_CH&rffrid=aff.hcom.CH.038.000.1100l95727.kwrd=1101lw4BkAca&affcid=HCOM-CH.DIRECT.PHG.1100l95727&afflid=1101lw4BkAca&original_destination=https://de.hote...
https://ch.hotels.com/?locale=de_CH&pos=HCOM_CH&pos=HCOM_CH&rffrid=aff.hcom.CH.038.000.1100l95727.kwrd%3D1101lw4BkAca&rffrid=aff.hcom.CH.038.000.1100l95727.kwrd%3D1101lw4BkAca&affcid=HCOM-CH.DIRECT...

0
0

1062ms
1052ms

Script
text/html

2a02:26f0:1700:383::277d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ch.hotels.com/?locale=de_CH&pos=HCOM_CH&pos=HCOM_CH&rffrid=aff.hcom.CH.038.000.1100l95727.kwrd%3D1101lw4BkAca&rffrid=aff.hcom.CH.038.000.1100l95727.kwrd%3D1101lw4BkAca&affcid=HCOM-CH.DIRECT.PHG.1100l95727&affcid=HCOM-CH.DIRECT.PHG.1100l95727&afflid=1101lw4BkAca&afflid=1101lw4BkAca&original_destination=https%3A%2F%2Fde.hotels.com%2F%3Flocale%3Dde_CH
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 2a02:26f0:1700:383::277d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Aug 2022 07:28:04 GMT
x-content-type-options: nosniff
x-b3-traceid: 1b82d51cf52c4b2aacd5aa04e01ee5bf, 1f093c3b37eef5bca6808d7fbca3d1e8
x-client-ipv6: true
x-edgeconnect_guid_debug: ,
x-cgp-info: noJvmRouteSet;ce6faa3d-17b4-11ed-9459-024260b850bb
strict-transport-security: max-age=31536000
content-length: 602
x-xss-protection: 1
pragma: no-cache
server: Apache
x-frame-options: SAMEORIGIN
vary: User-Agent
content-type: text/html; charset=iso-8859-1
location: https://ch.hotels.com/?locale=de_CH&pos=HCOM_CH&pos=HCOM_CH&rffrid=aff.hcom.CH.038.000.1100l95727.kwrd%3D1101lw4BkAca&rffrid=aff.hcom.CH.038.000.1100l95727.kwrd%3D1101lw4BkAca&affcid=HCOM-CH.DIRECT.PHG.1100l95727&affcid=HCOM-CH.DIRECT.PHG.1100l95727&afflid=1101lw4BkAca&afflid=1101lw4BkAca&original_destination=https%3A%2F%2Fde.hotels.com%2F%3Flocale%3Dde_CH
cache-control: max-age=0, no-cache, no-store
content-security-policy: default-src 'unsafe-inline' data: about: hcom: blob: callback: chrome-error: *; script-src 'unsafe-eval' 'unsafe-inline' data: about: blob: asset: *; report-uri https://hcom.report-uri.com/r/t/csp/enforce
trace-id: 1b82d51c-f52c-4b2a-acd5-aa04e01ee5bf
expires: Tue, 09 Aug 2022 07:28:04 GMT

GET
H2

200

https://www.binance.com/ru/register?ref=KZTDOPQP
https://accounts.binance.com/ru/register?ref=KZTDOPQP

0
0

197ms
64ms

Script
text/html

65.9.66.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.binance.com/ru/register?ref=KZTDOPQP
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-92.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Aug 2022 07:27:24 GMT
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
server: Tengine
age: 40
x-cache: Hit from cloudfront
content-type: text/html
location: https://accounts.binance.com/ru/register?ref=KZTDOPQP
cache-control: no-store,max-age=0,must-revalidate
x-amz-cf-pop: FRA56-C1
content-length: 215
x-amz-cf-id: wPL8v914ZDRrpNMwfBVBcZX5WKdVW4haM1RKKlSTt5uaxDeXmJtPgQ==

GET
H2

200

/ Show response
de.bongacams.com/ Frame DCA0
Redirect Chain

https://bongacams10.com/track?v=2&c=287325
https://trkbng.com/hit.php?v=2&c=287325
https://bongacams.com/?bcs=Zm9yaDJjYWRhNTBmMTIzMmYzMmUxYTc0ZDZmZjZkNzFjZjA4OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
https://de.bongacams.com/?bcs=Zm9yaDJjYWRhNTBmMTIzMmYzMmUxYTc0ZDZmZjZkNzFjZjA4OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow

0
0

587ms
486ms

Script
text/html

195.85.23.96
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://de.bongacams.com/?bcs=Zm9yaDJjYWRhNTBmMTIzMmYzMmUxYTc0ZDZmZjZkNzFjZjA4OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 195.85.23.96 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS: net-96-23-conversasro.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Aug 2022 07:28:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
location: https://de.bongacams.com/?bcs=Zm9yaDJjYWRhNTBmMTIzMmYzMmUxYTc0ZDZmZjZkNzFjZjA4OjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
cache-control: no-cache, no-store, must-revalidate
cf-ray: 737ec5dcc93e7529-LHR
x-zone: 4-web41-ded7732

GET
H2 403 /
creativemarket.com/ Frame DCA0 0
0 163ms
58ms Script
text/html 2606:4700:4400::ac40:93b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creativemarket.com/?U=agrus
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 / Show response
www.semrush.com/ Frame DCA0 0
0 338ms
211ms Script
text/html 34.120.45.191
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semrush.com/?ref=2017024630&refer_source=&utm_source=berush&utm_medium=promo&utm_campaign=link_other
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.45.191 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 191.45.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 / Show response
www.activecampaign.com/ Frame DCA0 0
0 472ms
253ms Script
text/html 2606:4700:10::6814:10f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activecampaign.com/?_r=MNKTMH1C
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

/ Show response
faucetpay.io/ Frame DCA0
Redirect Chain

https://is.gd/zIJynH
https://faucetpay.io/?r=612200

0
0

221ms
120ms

Script
text/html

2606:4700:20::ac43:490c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/?r=612200
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 2606:4700:20::ac43:490c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://faucetpay.io/?r=612200
date: Tue, 09 Aug 2022 07:28:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 737ec5db1e00405d-LHR
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8

GET
H2

200

/ Show response
cex.io/ Frame DCA0
Redirect Chain

https://cex.io/r/0/up111785894/0/
https://cex.io/

0
0

100ms
99ms

Script
text/html

104.20.0.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cex.io/
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 104.20.0.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://cex.io
date: Tue, 09 Aug 2022 07:28:04 GMT
vary: Accept-Encoding
x-app-version: master.0fd62a07.9ba3e7828bb61d1510bb09ffbe1b4d2826dfebcea9022caf0f13edaedb7afaa2
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-security-policy-report-only: default-src 'self';connect-src 'self' https://maps.googleapis.com https://cex.io wss://cex.io/ws/;frame-src 'self' * ext.cex.io;font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://static.cex.io;img-src 'self' data: https://static.cex.io;media-src 'self' https://static.cex.io;style-src 'self' 'unsafe-inline' https://*.googleapis.com https://code.jquery.com https://static.cex.io;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cex.io;report-uri https://cex.io/cspr;
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 737ec5db89ee7314-LHR
cf-cache-status: DYNAMIC

GET
H2 200 deals Show response
www.agoda.com/ Frame DCA0 0
0 277ms
100ms Script
text/html 96.16.144.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.agoda.com/deals?pcs=1&cid=1818886
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-167.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 / Show response
www.tomtop.com/ Frame DCA0 0
0 863ms
427ms Script
text/html 52.42.86.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tomtop.com/?aid=agru
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.86.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-86-57.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

/ Show response
de.dhgate.com/ Frame DCA0
Redirect Chain

https://adsexample.com/to2/dhgate/
https://de.dhgate.com/?f=bm|aff|admitad|1019090|b985358b8df43094eb1d84b12dd88883|197649||

0
0

475ms
257ms

Script
text/html

2606:2800:235:1c73:1f86:1376:22ce:2cd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.dhgate.com/?f=bm|aff|admitad|1019090|b985358b8df43094eb1d84b12dd88883|197649||
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 2606:2800:235:1c73:1f86:1376:22ce:2cd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Location: https://de.dhgate.com/?f=bm|aff|admitad|1019090|b985358b8df43094eb1d84b12dd88883|197649||
Date: Tue, 09 Aug 2022 07:28:04 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

/ Show response
www.hotelscombined.com/ Frame DCA0
Redirect Chain

https://www.hotelscombined.com/?a_aid=172493
https://www.hotelscombined.com/

0
0

438ms
438ms

Script
text/html

151.101.1.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotelscombined.com/
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 151.101.1.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
referrer-policy: origin-when-cross-origin
server: KAYAK/1.0
date: Tue, 09 Aug 2022 07:28:04 GMT
content-security-policy-report-only: default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
report-to: { "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
location: /
permissions-policy: camera=(), microphone=(), midi=(), geolocation=(self), usb=(), interest-cohort=()
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 download Show response
m.tiktok.com/invitef/ Frame DCA0 0
0 527ms
322ms Script
text/html 23.216.77.36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://m.tiktok.com/invitef/download?user_id=7037259720185594885&enter_from=invite_friends&invitemode=invitevia&invitesystem=0&platform=telegram&copytype=0&ug_btm=&redirect_url=snssdk1233%3A%2F%2Fuser%2Fprofile%2F7037259720185594885%3Fsec_uid%3DMS4wLjABAAAAtqflgXkki3g7-Y9EeY-0v0wvA_WDX868RjhrNHbRWigW0fatWwB5XIs6T_5cpRnU%26user_id%3D7037259720185594885
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 / Show response
changelly.com/ Frame DCA0 0
0 320ms
214ms Script
text/html 2606:4700:20::681a:66c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://changelly.com/?from=btc&to=eth&amount=0.1&ref_id=t68bpi9bnrma1q8f
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:66c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

/ Show response
www.instaforex.com/ Frame DCA0
Redirect Chain

https://www.instaforex.com/?x=LVYG
https://www.instaforex.com/

0
0

455ms
392ms

Script
text/html

2606:4700:10::ac43:16c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instaforex.com/
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H3
Server: 2606:4700:10::ac43:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Aug 2022 07:28:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.3.33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
content-type: text/html; charset=utf-8
location: https://www.instaforex.com/
cache-control: no-cache
cf-ray: 737ec5ddbe4571fa-LHR
expires: Tue, 09 Aug 2022 07:28:03 GMT

GET
H2

200

/ Show response
www.thelotter.com/de/ Frame DCA0
Redirect Chain

https://www.thelotter.com/?tl_affid=9175
https://www.thelotter.com/de/?tl_affid=9175

0
0

449ms
448ms

Script
text/html

107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelotter.com/de/?tl_affid=9175
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 107.154.132.27 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.27.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000
server
x-powered-by: ASP.NET
location: https://www.thelotter.com/de/?tl_affid=9175
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-iinfo: 16-6881030-6881056 NNNY CT(7 8 0) RT(1660030084236 58) q(0 0 0 0) r(1 1) U11
cache-control: public, max-age=604800
date: Tue, 09 Aug 2022 07:28:04 GMT
server-name: simba2
access-control-allow-headers: *
content-length: 160
x-cdn: Imperva
x-ua-compatible: IE=edge

GET
H2 200 / Show response
stripchat.com/ Frame DCA0 0
0 353ms
246ms Script
text/html 2606:4700::6813:b729
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b729 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 / Show response
kinsta.com/ Frame DCA0 0
0 543ms
441ms Script
text/html 2606:4700:4400::6812:2a83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kinsta.com/?kaid=ARRPTWYMWIMC
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

/ Show response
de.iherb.com/ Frame DCA0
Redirect Chain

https://adsexample.com/to2/iherbcd/
https://www.iherb.com/?clickref=1101lw4CamYq&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
https://www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
https://de.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232

0
0

365ms
350ms

Script
text/html

172.64.154.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 172.64.154.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Aug 2022 07:28:05 GMT
datacenter: production/catalog/london
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
location: https://de.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
vary: Accept-Encoding
cache-control: no-store
x-client-id: page-home
buildnumber: 1697
cf-ray: 737ec5e20fef776b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

503

/
localbitcoins.com/ Frame DCA0
Redirect Chain

https://localbitcoins.com/?ch=1cmsy
https://localbitcoins.com/

0
0

53ms
53ms

Script
text/html

104.18.201.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://localbitcoins.com/
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Server: 104.18.201.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Aug 2022 07:28:05 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-type: text/html; charset=utf-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-language: en
location: /
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 737ec5e10be771c6-LHR
vary: Accept-Language, Cookie
content-length: 0

GET
H2 403 2716653
remitano.com/join/ Frame DCA0 0
0 277ms
78ms Script
text/html 2606:4700:10::6816:4d5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://remitano.com/join/2716653
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

1 Show response
mc.yandex.com/watch/23414332/
Redirect Chain

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fdaily.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A807%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fdaily.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A807%3Afu%3A0%3Aen%3Autf-8%3Ala%...

338 B
420 B

93ms
92ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fdaily.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A807%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A1232286685303%3Ahid%3A211753674%3Az%3A0%3Ai%3A20220809072803%3Aet%3A1660030083%3Ac%3A1%3Arn%3A326328289%3Arqn%3A1%3Au%3A16600300831047870787%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1660030080929%3Ads%3A18%2C363%2C108%2C1%2C%2C0%2C%2C974%2C22%2C%2C%2C%2C1465%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660030083%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20DailyUA&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5d598681808cf91bcc9d8840c0a1b279e7aac138052f2978c8d2f0979e5a662f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 09-Aug-2022 07:28:03 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://daily.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Tue, 09-Aug-2022 07:28:03 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:03 GMT
last-modified: Tue, 09-Aug-2022 07:28:03 GMT
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fdaily.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4o86v7h18qg%3Afp%3A807%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A1232286685303%3Ahid%3A211753674%3Az%3A0%3Ai%3A20220809072803%3Aet%3A1660030083%3Ac%3A1%3Arn%3A326328289%3Arqn%3A1%3Au%3A16600300831047870787%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1660030080929%3Ads%3A18%2C363%2C108%2C1%2C%2C0%2C%2C974%2C22%2C%2C%2C%2C1465%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1660030083%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20DailyUA&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://daily.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 09-Aug-2022 07:28:03 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1579 143 B
163 B 54ms
53ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 07:10:58 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 44DE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e29c0fdfa9bf8250b9cd749f5787c2e86d18ab29638e36ac5003c9cafff2598

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/ Frame 1ABC 6 KB
3 KB 164ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 10:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2639
x-xss-protection: 0
server: cafe
etag: 15893831270588722589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 09 Aug 2022 10:06:05 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/ Frame 1ABC 26 KB
10 KB 166ms
57ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 11:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 09 Aug 2022 11:10:28 GMT

GET
H3 200 e6f40d138158e41bbc4290d1d8f9ae48.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/ Frame 1ABC 84 KB
22 KB 181ms
71ms Script
application/x-javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/e6f40d138158e41bbc4290d1d8f9ae48.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 68692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22268
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Mon, 08 Aug 2022 12:23:11 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:23:11 GMT

GET
H2 200 2112741s.jpg
img3.redtram.com/150x150/ 8 KB
9 KB 69ms
59ms Image
image/jpeg 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img3.redtram.com/150x150/2112741s.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 2f80b4b257ea8a3de1836269a563616fab5dae272eafdd932335a0689631e625

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-server-rt: img04
date: Tue, 09 Aug 2022 07:28:03 GMT
last-modified: Tue, 26 Apr 2022 10:13:55 GMT
server: nginx/1.18.0
etag: "6267c5e3-2180"
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=604800, private
content-length: 8576
expires: Tue, 16 Aug 2022 07:28:03 GMT

GET
H2 200 2112739s.jpg
img3.redtram.com/150x150/ 13 KB
13 KB 128ms
117ms Image
image/jpeg 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img3.redtram.com/150x150/2112739s.jpg?v=1650968099
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 4ecce58291cb048716d0ab302cac01ab9251db407337891f9a77915e6618a419

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-server-rt: img04
date: Tue, 09 Aug 2022 07:28:03 GMT
last-modified: Tue, 26 Apr 2022 10:15:01 GMT
server: nginx/1.18.0
etag: "6267c625-3376"
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=604800, private
content-length: 13174
expires: Tue, 16 Aug 2022 07:28:03 GMT

GET
H2 200 2120816s.jpg
img3.redtram.com/150x150/ 11 KB
11 KB 128ms
118ms Image
image/jpeg 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img3.redtram.com/150x150/2120816s.jpg
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 2238f31e4b749d4f58eadfd97c8537152f05702124785f4d14ddd6808bcb3cea

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-server-rt: img03
date: Tue, 09 Aug 2022 07:28:03 GMT
last-modified: Mon, 13 Jun 2022 14:31:30 GMT
server: nginx/1.18.0
etag: "62a74a42-2a94"
x-cache-status: HIT
content-type: image/jpeg
cache-control: max-age=604800, private
content-length: 10900
expires: Tue, 16 Aug 2022 07:28:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1579
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

85ms
85ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 07:28:03 GMT
expires: Tue, 09 Aug 2022 07:28:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 07:28:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
goods.redtram.com/shows/ 43 B
180 B 59ms
59ms Image
image/gif 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goods.redtram.com/shows/?i=23238&srv=128&rtuid=d776858a82ab00983e6b88f01889aa6a
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:03 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 25 Apr 1986 22:23:46 GMT
server: nginx/1.18.0
content-type: image/gif

GET
H2 200 css
fonts.googleapis.com/ Frame 1ABC 2 KB
1 KB 195ms
71ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/e6f40d138158e41bbc4290d1d8f9ae48.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 07:16:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 07:28:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 07:28:03 GMT

GET
H3 200 5d2621bd596ef5c2c83d009be66f5432.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame 1ABC 13 KB
13 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/5d2621bd596ef5c2c83d009be66f5432.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b041f5710b8d2adc88aa7ee849409cfac64f18cab33a2c4b83de35844a016d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 539806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13530
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 03 Aug 2022 01:31:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Aug 2023 01:31:17 GMT

GET
H2 200 /
goods.redtram.com/shows/ 43 B
180 B 61ms
61ms Image
image/gif 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goods.redtram.com/shows/?i=23238&srv=128&rtuid=d776858a82ab00983e6b88f01889aa6a&tiz=2112741&pos=1
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:03 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 25 Apr 1986 22:23:46 GMT
server: nginx/1.18.0
content-type: image/gif

GET
H2 200 /
goods.redtram.com/shows/ 43 B
180 B 62ms
61ms Image
image/gif 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goods.redtram.com/shows/?i=23238&srv=128&rtuid=d776858a82ab00983e6b88f01889aa6a&tiz=2112739&pos=2
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:03 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 25 Apr 1986 22:23:46 GMT
server: nginx/1.18.0
content-type: image/gif

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/ Frame 5AEF 58 KB
15 KB 55ms
54ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=280&slotname=7110126662&adk=2325384854&adf=3055432483&pi=t.ma~as.7110126662&w=335&lmt=1660030082&rafmt=12&psa=0&format=335x280&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081972&bpp=1&bdt=550&idt=831&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1040x120&correlator=4908926299614&frm=20&pv=1&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=965&ady=332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QZkLJF0mmF&p=http%3A//daily.com.ua&dtd=834

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e680e2998af4d729af03985dd260c4e6ecdd37c8337ee508a890297eb3c897

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 414013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 15535
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 12:27:50 GMT
expires: Fri, 04 Aug 2023 12:27:50 GMT
last-modified: Wed, 05 Jan 2022 09:11:08 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1C4B 0
0 100ms
99ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CesSpggzyYtjDOrGT-cAPv8CK2A7d_fiFabPe7JexCNzZHhABIP-bySRglQKgAZjZ6d8DyAEJqQJBTnNnCRmxPqgDAcgDSKoEgwJP0OCK8T9gZmihY6414p57bkzgf_W8eLzi6TrLoGCtmNV8z9WtRc_vck1azZJhBeY5B6eizig5vnsGuDkKkTyX4ajjtj2e2ylvjov0rWxeOu4uyGZeqB-iDM5SQ2nJH5hP2IvdwAqlez2qK3ZLrvOwRBjOHkVQMNB3Y7y5EsIlVtCwhklReb5PWWoGKZAKpXRrYaIbkYcQKnnILd5i1szUtDSD_qNnOp1slgofQANtRHDi2ppy5JBpXZGEfAVzrU4s-o-rT6EN-49BBPs3ftzBLl55Gq2qeFn-wrvLmhewpVLi3rwO2Zw5OYXFsJUf5tbbnUyXoC-kV5LkudQP0qrXh9FrwATb0sW46gGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH0KaWIKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKqDBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY0MzY5OTcwODQxNTk1OTIYAA&sigh=AuJJAGI00_w&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=280&slotname=7110126662&adk=2325384854&adf=3055432483&pi=t.ma~as.7110126662&w=335&lmt=1660030082&rafmt=12&psa=0&format=335x280&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081972&bpp=1&bdt=550&idt=831&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1040x120&correlator=4908926299614&frm=20&pv=1&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=965&ady=332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QZkLJF0mmF&p=http%3A//daily.com.ua&dtd=834
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 09 Aug 2022 07:28:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame 1C4B 23 KB
9 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
server: cafe
etag: 13823643058518418725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 07:12:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 1C4B 3 KB
1 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 07:11:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C4B 140 KB
43 KB 171ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 07:28:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 1C4B 17 KB
7 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 07:11:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1ABC 15 KB
16 KB 170ms
53ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 179902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 05:29:41 GMT

GET
H3 200 391f7a7a4277d1f9d837ec833bbc3a24.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame 1ABC 13 KB
13 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/391f7a7a4277d1f9d837ec833bbc3a24.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 539806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 03 Aug 2022 01:31:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Aug 2023 01:31:17 GMT

GET
H2 200 /
goods.redtram.com/shows/ 43 B
180 B 73ms
73ms Image
image/gif 159.69.174.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goods.redtram.com/shows/?i=23238&srv=128&rtuid=d776858a82ab00983e6b88f01889aa6a&tiz=2120816&pos=3
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.174.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.174.69.159.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://daily.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:03 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 25 Apr 1986 22:23:46 GMT
server: nginx/1.18.0
content-type: image/gif

GET
H3 200 css
fonts.googleapis.com/ Frame 5AEF 37 KB
1 KB 210ms
77ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:100,100italic,200,200italic,300,300italic,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic,400|Barlow+Condensed:100,100italic,200,200italic,300,300italic,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic,400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46e212dd74790b6fa72de475f364705736a8d11a7b2c5853629e702538584dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 07:28:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 07:28:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 07:28:04 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5AEF 16 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 09 Aug 2022 07:40:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5AEF 26 KB
10 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 05:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 10 Aug 2022 05:09:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6697 143 B
163 B 55ms
55ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=280&slotname=7110126662&adk=2325384854&adf=3055432483&pi=t.ma~as.7110126662&w=335&lmt=1660030082&rafmt=12&psa=0&format=335x280&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081972&bpp=1&bdt=550&idt=831&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=1040x120&correlator=4908926299614&frm=20&pv=1&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=965&ady=332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QZkLJF0mmF&p=http%3A//daily.com.ua&dtd=834
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 07:10:58 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6697
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

85ms
85ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 07:28:04 GMT
expires: Tue, 09 Aug 2022 07:28:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 07:28:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1C4B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f007b99d03a1f2e76cca898da007e4af656b38619a8b86db9d474abb9cd1c1db

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1ABC 36 KB
14 KB 162ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 06:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 06:10:13 GMT

GET
H3 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 5AEF 21 KB
21 KB 188ms
79ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:100,100italic,200,200italic,300,300italic,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic,400|Barlow+Condensed:100,100italic,200,200italic,300,300italic,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic,400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 22:57:25 GMT
x-content-type-options: nosniff
age: 549039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 22:57:25 GMT

GET
H3 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 5AEF 21 KB
21 KB 167ms
59ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 22:12:32 GMT
x-content-type-options: nosniff
age: 551732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 22:12:32 GMT

GET
H3 200 HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ Frame 5AEF 20 KB
20 KB 162ms
54ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 22:52:19 GMT
x-content-type-options: nosniff
age: 549345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20200
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:28:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 22:52:19 GMT

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5AEF 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 06:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 06:10:13 GMT

GET
H3 200 Pentair_Vertical_RGB.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/ Frame 5AEF 7 KB
2 KB 70ms
70ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/Pentair_Vertical_RGB.svg

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71adfc57b0887dda53c979885bb3225d5dd303b578e8f19864773a50ae97e0f0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 149909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2188
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 09:11:08 GMT
server: sffe
date: Sun, 07 Aug 2022 13:49:35 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Aug 2023 13:49:35 GMT

GET
H3 200 Feuerwehr.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/ Frame 5AEF 36 KB
37 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3256062220522308903/Feuerwehr.jpg

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db3e554fc43e45c99b41ad5cf8d1064ce6576490cabbd63613cbe4f5d189886

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 495006
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37367
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 09:11:08 GMT
server: sffe
date: Wed, 03 Aug 2022 13:57:58 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Aug 2023 13:57:58 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44DE 42 B
64 B 198ms
89ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCkVWo6KkXPUAcSO3P7ezn3efcVGKnC3coZH9EIJE3sOQzJH7CBxUkDViJALsprjS9UFgJyTe34fUZJuh85koQKW4O_kmT6L95Ol1MrYs9OwiLOcwDbwSxcoQ4ImVcdc_3mfO6a0i0b9s6&sai=AMfl-YRwTG9biw1IgRBfQX5yiNU-pLL5OinSztTgzme9LUEg9thr4E_KmNgxF7Omh_OjVTGDSP9-cwAM45la&sig=Cg0ArKJSzNh1ruFqKcnIEAE&id=lidar2&mcvt=1000&p=0,1,120.0625,972&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1759604640&rs=2&la=0&cr=0&vs=4&r=v&rst=1660030083145&rpt=343&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C4B 42 B
64 B 90ms
89ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueIElh7CfMLphQN0tmG-AD9vNThTPKMtlKQYOxJLBKTNLNw99Z4GO_CNsRoh7PKxwn2YAA-EBdbZG6z0IxVZEiNZX5eN5yYHPoM-7ZqL0GAIOHgAkEJOiFQidEULEmfikJKnk47OOOJJ7E&sai=AMfl-YRMnPtgTrOdiXN9tmsKVK8Ml6YetxAYOUuY0as0nkcdSm2c0AwbpP52d2zsul2ERM0_8aQyN9LTxScx&sig=Cg0ArKJSzJcUfPjOiCFHEAE&id=lidar2&mcvt=1001&p=0,1,279.1875,336&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2325384854&rs=2&la=0&cr=0&vs=4&r=v&rst=1660030082807&rpt=1228&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 base.css
i.alicdn.com/ams-static/3.0.0/global/ Frame BA1C 62 KB
6 KB 96ms
73ms Stylesheet
text/css 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/global/base.css

Requested by

Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-160-13.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2d9d14fb472222d49d6226fc13d88f55f2314e2384703c4db61532fc633632fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 31535999
fw_ip: 104.122.85.39, 104.96.160.13
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a70050010c77c3c5c6c0953203328d48de7b301be72f877a8d9336e5e
x-swift-savetime: Thu, 30 Dec 2021 17:59:01 GMT
network_info: US_SEATTLE_35994, GB_LONDON_201011
x-readtime: 795
server-timing: rt;dur=0.799,eagleid;desc=4f85b19f16408871400161554e
content-length: 5387
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Jan 2022 20:33:50 GMT
server: Akamai Resource Optimizer
date: Tue, 09 Aug 2022 07:28:06 GMT
x-download-options: noopen
ali-swift-global-savetime: 1640887140
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=12393001
served-from: 23.11.206.101
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 4f85b19f16408871400161554e, 4f85b19716408883754805636e
expires: Fri, 30 Dec 2022 17:58:07 GMT

GET
H2 200 base.js Show response
i.alicdn.com/ams-static/3.0.0/global/ Frame BA1C 299 KB
52 KB 163ms
139ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/global/base.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-160-13.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

24f951604079e04853fa2530c81c65bd3527ee9b8bb3a47f353b83d110d0fc3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 31536000
fw_ip: 23.37.71.87, 104.96.160.13
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500100d52e858d73970bd3328d48de7b301be72f877a8d9336e5e
x-swift-savetime: Wed, 08 Dec 2021 13:52:07 GMT
network_info: US_CHICAGO_35994, GB_LONDON_201011
x-readtime: 3865
server-timing: rt;dur=3.884,eagleid;desc=2ff6189916389715230688961e
content-length: 52509
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 13:52:51 GMT
server: Akamai Resource Optimizer
date: Tue, 09 Aug 2022 07:28:06 GMT
x-download-options: noopen
ali-swift-global-savetime: 1638971527
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=10477502
served-from: 47.246.24.254
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6189916389715230688961e, 2ff6189d16389715696813277e
expires: Thu, 08 Dec 2022 13:53:08 GMT

GET
H2 200 index.js Show response
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame BA1C 51 KB
18 KB 105ms
82ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-160-13.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

90ec3c93846a1a334c31b864830f0e6c9f7837c019afffd27a8154a3f795131f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 29501004
fw_ip: 23.193.120.47, 104.96.160.13
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500104791de28548d9c9d3328d48de7b301be72f877a8d9336e5e
x-swift-savetime: Thu, 09 Dec 2021 00:04:27 GMT
network_info: US_CHICAGO_35994, GB_LONDON_201011
x-readtime: 631
server-timing: rt;dur=0.636,eagleid;desc=2ff6189f16369732704887646e
content-length: 17480
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Dec 2021 00:04:28 GMT
server: Akamai Resource Optimizer
date: Tue, 09 Aug 2022 07:28:06 GMT
x-download-options: noopen
ali-swift-global-savetime: 1636973271
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=8479243
served-from: 47.246.23.253
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6189f16369732704887646e, 2ff6179716390082675305500e
expires: Tue, 15 Nov 2022 10:48:49 GMT

GET
H2 200 ae-header-ru.css
assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ Frame BA1C 97 KB
11 KB 85ms
68ms Stylesheet
text/css 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: a514c9f738d1417b0068fa3a0ead68825068ee298ac1bbd107d73db032198f49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:06 GMT
content-encoding: br
x-oss-request-id: 60F95B1A8C29133032F208FB
content-md5: okrp/0QFbl1eCReKmGgLqA==
x-swift-cachetime: 18130167
x-oss-hash-crc64ecma: 1856276477348331625
x-swift-savetime: Fri, 24 Dec 2021 15:39:15 GMT
content-length: 10289
x-oss-object-type: Normal
last-modified: Fri, 24 Dec 2021 15:39:17 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1626954522
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14777635
served-from: 23.61.0.74
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: GB_LONDON_34164, GB_LONDON_201011
eagleid: a3b521a416403603557284486e
x-oss-server-time: 61
expires: Fri, 27 Jan 2023 08:22:01 GMT

GET
H2 200 footer.css
i.alicdn.com/ae-footer/20190918153024/buyer/front/ Frame BA1C 2 KB
1 KB 95ms
72ms Stylesheet
text/css 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-160-13.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

f1b59c28f0f6de9a87843817d437902358e4fed00a47c090cd263a357197336d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 29181570
fw_ip: 23.7.40.168, 104.96.160.13
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500108cd402224437f58e3328d48de7b301be72f877a8d9336e5e
x-swift-savetime: Sat, 11 Dec 2021 07:46:25 GMT
network_info: US_SANJOSE_35994, GB_LONDON_201011
x-readtime: 261
server-timing: rt;dur=0.264,eagleid;desc=2ff6189816368543552701855e
content-length: 487
x-xss-protection: 1; mode=block
last-modified: Sat, 11 Dec 2021 07:46:25 GMT
server: Akamai Resource Optimizer
date: Tue, 09 Aug 2022 07:28:06 GMT
x-download-options: noopen
ali-swift-global-savetime: 1636854355
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=8360260
served-from: 184.28.127.49
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6189816368543552701855e, 2ff6149716392087849643978e
expires: Mon, 14 Nov 2022 01:45:46 GMT

GET
H2 200 ae-header.js Show response
assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ Frame BA1C 478 KB
108 KB 81ms
81ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 254a45df83e69bc0add776bf0b10e14240b78fab11f0dd17f0ae903aff269261

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:06 GMT
content-encoding: br
x-oss-request-id: 6114A0D5DDB569303695924D
content-md5: 39oy7Iof2Tc675JC/1pTow==
x-swift-cachetime: 30136508
x-oss-hash-crc64ecma: 13718294925075259392
x-swift-savetime: Sat, 28 Aug 2021 09:02:17 GMT
content-length: 109875
x-oss-object-type: Normal
last-modified: Mon, 03 Jan 2022 18:06:06 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1628741845
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16585939
served-from: 23.212.50.121
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: US_SANJOSE_35994, GB_LONDON_201011
eagleid: a3b510a016412331636588346e
x-oss-server-time: 142
expires: Fri, 17 Feb 2023 06:40:25 GMT

GET
H2 200 js.js Show response
g.alicdn.com/ae-traffic-kn/cont-default/0.0.1/js/ Frame BA1C 259 KB
81 KB 300ms
56ms Script
application/javascript 163.181.56.192
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.alicdn.com/ae-traffic-kn/cont-default/0.0.1/js/js.js
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 261953db27cc0855b121008b1c606de50a2f3f5aecc60873ebb9751b66fd9203

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 06:55:56 GMT
content-encoding: gzip
x-oss-request-id: 62F204FC4EB01C35371EFCD2
content-md5: kuJE0GWh5VsdCB/MTAH96Q==
age: 1930
x-cache: HIT TCP_MEM_HIT dirn:10:398821384
x-swift-cachetime: 86400
x-swift-savetime: Tue, 09 Aug 2022 06:55:56 GMT
content-length: 82481
x-bucket-code: 3
x-oss-object-type: Normal
access-control-allow-origin: *
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1660028156
content-type: application/javascript
via: cache26.l2de2[63,63,200-0,M], cache10.l2de2[65,0], cache10.l2de2[65,0], ens-cache7.de4[0,0,200-0,H], ens-cache5.de4[3,0]
cache-control: max-age=2592000,s-maxage=86400
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 3461275387047287842
eagleid: 2ff62b1d16600300867508152e
x-oss-server-time: 54

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/391f7a7a4277d1f9d837ec833bbc3a24.jpg

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 539809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 03 Aug 2022 01:31:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Aug 2023 01:31:17 GMT

GET
H3 200 d34ccf238d4bf4e0765398db2e1d9d0c.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame 1ABC 16 KB
16 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/d34ccf238d4bf4e0765398db2e1d9d0c.jpg

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cd271e1a4ae2c2a2276470d9cb8d01671929f60aaa827ae221541c91337be5b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 539806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16534
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 03 Aug 2022 01:31:20 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Aug 2023 01:31:20 GMT

GET
H2 200 / Show response
assets.alicdn.com/g/alilog/ Frame BA1C 25 KB
10 KB 115ms
114ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 021390a4fcdb6d099dc2a4fe49953068fc0f62c8e0e249dc55660926668246bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:06 GMT
content-encoding: gzip
x-oss-request-id: 62F2003701420434345D1A6D
content-md5: gygBRN2M4MlVRBr7rF/+vA==
x-swift-cachetime: 375
x-swift-savetime: Tue, 09 Aug 2022 06:59:20 GMT
content-length: 9941
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15290110112012039273
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1660026935
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=493, s-maxage=1800
served-from: 23.199.73.158
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: GB_LONDON_201011
eagleid: 2ff62e9616600283603776715e
x-oss-server-time: 6

GET
H2 200 start-render.png
ae01.alicdn.com/wimg/monitor/ Frame BA1C 949 B
1 KB 1608ms
175ms Image
image/png 79.133.177.251

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/wimg/monitor/start-render.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.251 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

56d989eabce7e1f6ba7b90ccae9a241398f2f92e80315d15a48f9c12ac0f36fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 08:36:44 GMT
via: cache4.l2ot7-1[502,502,304-0,H], cache24.l2ot7-1[505,0], cache6.de3[0,0,200-0,H], cache14.de3[13,0]
eagleeye-traceid: 4f85b19a16598614041753110e
age: 168684
x-cache: HIT TCP_MEM_HIT dirn:13:11999767
x-swift-cachetime: 172800
x-swift-savetime: Sun, 07 Aug 2022 08:36:44 GMT
content-length: 949
last-modified: Thu, 22 Jun 2017 10:28:30 GMT
server: Tengine
cdn-type: alibaba
strict-transport-security: max-age=0
ali-swift-global-savetime: 1659861404
content-type: image/png
traceid: 4f85b19a16598614041753110e
cache-control: max-age=172800
accept-ranges: bytes
timing-allow-origin: *, *
eagleid: 4f85b1a216600300882213785e
expires: Tue, 09 Aug 2022 08:36:44 GMT

GET
H2 200 bl.js Show response
assets.alicdn.com/g/retcode/cloud-sdk/ Frame BA1C 41 KB
13 KB 120ms
120ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/retcode/cloud-sdk/bl.js
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:06 GMT
content-encoding: br
x-oss-request-id: 62EF58FFBA71693931F869C8
content-md5: 4x6tcG5Vt8TBANh6WSjwmQ==
x-swift-cachetime: 60
x-oss-hash-crc64ecma: 7956181089051082725
x-swift-savetime: Sun, 07 Aug 2022 06:17:35 GMT
content-length: 12983
x-oss-object-type: Normal
last-modified: Sun, 07 Aug 2022 06:19:31 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1659853055
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=64929, s-maxage=60
served-from: 23.200.238.178
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: US_CHICAGO_35994, GB_LONDON_201011
eagleid: 81e3ce9f16598530552592752e
x-oss-server-time: 8
expires: Wed, 10 Aug 2022 01:30:15 GMT

GET
H2 200 Hef9c4bcb621f4b1ebc69160e597897edU.png
ae01.alicdn.com/kf/ Frame BA1C 21 KB
21 KB 1493ms
68ms Image
image/png 79.133.177.251

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/Hef9c4bcb621f4b1ebc69160e597897edU.png

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.251 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

00f354f0294e5eced79aae36156db28dd453b002edfa02428339f05bac292e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://assets.alicdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 02:33:01 GMT
via: cache38.l2ot7-1[0,0,206-0,H], cache17.l2ot7-1[0,0], cache9.de3[0,0,200-0,H], cache14.de3[16,0]
eagleeye-traceid: 2ff6189716600123808693307e
age: 17707
x-cache: HIT TCP_MEM_HIT dirn:12:471083212
x-swift-cachetime: 86399995
x-swift-savetime: Tue, 09 Aug 2022 02:33:06 GMT
content-length: 20992
access-control-allow-origin: *
last-modified: Sun, 10 Apr 2022 15:50:27 GMT
server: Tengine
cdn-type: alibaba
strict-transport-security: max-age=0
ali-swift-global-savetime: 1660012381
content-type: image/png
traceid: 2ff6189716600123808693307e
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleid: 4f85b1a216600300882173770e

GET
H2 200 Hee223875f9f74af385b2e302dfc0e4bbM.png
ae01.alicdn.com/kf/ Frame BA1C 30 KB
30 KB 1528ms
104ms Image
image/png 79.133.177.251

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/Hee223875f9f74af385b2e302dfc0e4bbM.png

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.251 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

14a58481f4ae2bcd2887b9ed07d06601d92c9d8e133c9c225ebfc2f576820fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://assets.alicdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 03:01:20 GMT
via: cache35.l2ot7-1[0,0,206-0,H], cache38.l2ot7-1[1,0], cache4.de3[0,0,200-0,H], cache14.de3[12,0]
eagleeye-traceid: 082d349816505964802845989e
age: 9433608
x-cache: HIT TCP_MEM_HIT dirn:13:649003458
x-swift-cachetime: 77055417
x-swift-savetime: Mon, 08 Aug 2022 06:44:23 GMT
content-length: 30435
access-control-allow-origin: *
last-modified: Fri, 22 Nov 2019 13:06:15 GMT
server: Tengine
cdn-type: alibaba
strict-transport-security: max-age=0
ali-swift-global-savetime: 1650596480
content-type: image/png
traceid: 082d349816505964802845989e
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleid: 4f85b1a216600300882213772e

GET
H2 200 open-sans.woff
i.alicdn.com/ams-static/3.0.0/node_modules/@alife/beta-apollo/src/font/ Frame BA1C 29 KB
30 KB 274ms
69ms Font
font/woff 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/node_modules/@alife/beta-apollo/src/font/open-sans.woff

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ams-static/3.0.0/global/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-160-13.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

29cae7cd39e3675acd183aea7e129ff6264585f2b900821552a1152c7c5aef6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i.alicdn.com/ams-static/3.0.0/global/base.css
Origin: https://sale.aliexpress.ru
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-swift-cachetime: 13830811
fw_ip: 104.96.160.13
x-readtime: 334
server-timing: rt;dur=0.337,eagleid;desc=2ff6029616091570830548297e
x-new-origin: 1
content-length: 29680
x-xss-protection: 1; mode=block
x-swift-savetime: Wed, 21 Jul 2021 10:11:12 GMT
server: Tengine
date: Tue, 09 Aug 2022 07:28:07 GMT
x-download-options: noopen
ali-swift-global-savetime: 1609157083
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=9045469
served-from: 104.96.91.52
timing-allow-origin: *, *, *
network_info: GB_LONDON_201011
eagleid: 2ff6029616091570830548297e, 2ff62e9916375394089251706e
x-server-id: b0381a5e42020db0072a77127f27bf150f96abadfeb38bef16a2e7d22898a1418ccf041454c3613c

GET
H2 200 / Show response
assets.alicdn.com/g/alilog/ Frame BA1C 175 KB
67 KB 273ms
67ms Fetch
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/alilog/??s/8.15.21/plugin/aplus_client.js,aplus_cplugin/0.7.11/toolkit.js,aplus_cplugin/0.7.11/monitor.js,s/8.15.21/plugin/aplus_ae.js,s/8.15.21/plugin/aplus_ac.js,s/8.15.21/aplus_int.js,s/8.15.21/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20220708214152
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/retcode/cloud-sdk/bl.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 35d8f68fcdf99c4e9d6916d4266b632614c2f4276e7a99b31bc06022bdd96d59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: gzip
x-oss-request-id: 62DD60E133CB343039014637
content-md5: 7UCU22izLmNjuwSn2FwdUA==
x-swift-cachetime: 31980
x-swift-savetime: Mon, 25 Jul 2022 06:17:25 GMT
content-length: 68255
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2785021216015343907
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1658675425
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1237269, s-maxage=86400
served-from: 23.199.73.158
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: GB_LONDON_201011
eagleid: 2ff62e9716587298454512321e
x-oss-server-time: 40

GET
H2 200 Ha50c3e849dd645308a8d2ce96a8a5f48a.png
ae01.alicdn.com/kf/ Frame BA1C 33 KB
33 KB 1372ms
122ms Image
image/png 79.133.177.251

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/Ha50c3e849dd645308a8d2ce96a8a5f48a.png
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.133.177.251 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: b30ce4d226c5dec6d653041a183614a301dcaa266ca57f4c8c57914de2fa3256

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 21:19:34 GMT
via: cache1.l2ot7-1[0,0,206-0,H], cache8.l2ot7-1[0,0], cache13.de3[0,0,200-0,H], cache14.de3[13,0]
age: 57146914
x-cache: HIT TCP_MEM_HIT dirn:13:109469705
x-swift-cachetime: 29341330
x-swift-savetime: Mon, 08 Aug 2022 06:57:24 GMT
cdn-type: alibaba
x-application-context: fileserver2-download:prod,us:7001
last-modified: Tue, 17 Sep 2019 09:33:11 GMT
server: Tengine
ali-swift-global-savetime: 1602883174
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400000
content-length: 33538
timing-allow-origin: *
eagleid: 4f85b1a216600300882213778e

GET
H2 200 H009a0ba7e43c475fa2a715d85319a288X.png
ae01.alicdn.com/kf/ Frame BA1C 786 KB
787 KB 1407ms
158ms Image
image/png 79.133.177.251

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/H009a0ba7e43c475fa2a715d85319a288X.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.251 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

55c2536030cf89dc3d5e4333d87fe27a7ec95821b0061d54d4a775f371632c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:26:06 GMT
via: cache16.l2ot7-1[0,1,206-0,H], cache33.l2ot7-1[2,0], cache1.de3[0,0,200-0,H], cache14.de3[13,0]
eagleeye-traceid: 2ff6079516595115661152689e
age: 518522
x-cache: HIT TCP_MEM_HIT dirn:12:107683931 mlen:0
x-swift-cachetime: 85969712
x-swift-savetime: Mon, 08 Aug 2022 06:57:34 GMT
content-length: 804517
access-control-allow-origin: *
last-modified: Tue, 17 Sep 2019 09:13:34 GMT
server: Tengine
cdn-type: alibaba
strict-transport-security: max-age=0
ali-swift-global-savetime: 1659511566
content-type: image/png
traceid: 2ff6079516595115661152689e
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleid: 4f85b1a216600300882213780e

GET
H2 200 android.png
i.alicdn.com/ae-footer/20190918153024/common/img/ Frame BA1C 358 B
988 B 69ms
68ms Image
image/png 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.alicdn.com/ae-footer/20190918153024/common/img/android.png

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-160-13.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

a566bbc568419b22497a08156af53e48e148fe50fea0b6ec666ceaf0c0fb12fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-swift-cachetime: 8014521
fw_ip: 104.96.160.13
x-server-id: b0381a5e42020db0072a77127f27bf15c2c97622f489282e44a7cf7c5e1fc544f1442cd4e182044e
x-readtime: 197
server-timing: rt;dur=0.199,eagleid;desc=2ff602a016086451756571509e
x-new-origin: 1
content-length: 358
x-xss-protection: 1; mode=block
x-swift-savetime: Mon, 20 Sep 2021 19:37:35 GMT
server: Tengine
date: Tue, 09 Aug 2022 07:28:06 GMT
x-download-options: noopen
ali-swift-global-savetime: 1608645176
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=8533585
served-from: 104.96.91.118
timing-allow-origin: *, *, *
network_info: GB_LONDON_201011
eagleid: 2ff602a016086451756571509e, a3b5329d16370274935568952e
expires: Wed, 16 Nov 2022 01:54:31 GMT

GET
H2 200 apple.png
i.alicdn.com/ae-footer/20190918153024/common/img/ Frame BA1C 377 B
1020 B 70ms
69ms Image
image/png 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.alicdn.com/ae-footer/20190918153024/common/img/apple.png

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-160-13.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

b30e419be860244a5c3a8ed2ae7134a11441eb4a6868a668e44cee8e6c685723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-swift-cachetime: 20591514
fw_ip: 104.96.160.13
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00f44ad1201879760c43328d48de7b301be3617112567202689
x-readtime: 253
server-timing: rt;dur=0.255,eagleid;desc=4f85b19616401813135173333e
x-new-origin: 1
content-length: 377
x-xss-protection: 1; mode=block
x-swift-savetime: Thu, 28 Apr 2022 06:03:19 GMT
server: Tengine
date: Tue, 09 Aug 2022 07:28:06 GMT
x-download-options: noopen
ali-swift-global-savetime: 1640181313
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=11687298
served-from: 23.199.73.108
timing-allow-origin: *, *, *
network_info: GB_LONDON_201011
eagleid: 4f85b19616401813135173333e, a3b5329d16565048124223263e
expires: Thu, 22 Dec 2022 13:56:24 GMT

GET
H2 200 index.js Show response
assets.alicdn.com/g/ae-fe/g-loader/ Frame BA1C 11 KB
4 KB 281ms
140ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/ae-fe/g-loader/index.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 58b4190d6003b87e433cf7f59d6443ffdc502abea85c5d5e59901f7a99976574

Request headers

Referer: https://sale.aliexpress.ru/
Origin: https://sale.aliexpress.ru
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: gzip
x-oss-request-id: 62F20C409C08D83332BF3EE4
content-md5: xm7bjw4FHdfiAqjZ0scLaQ==
x-swift-cachetime: 300
x-swift-savetime: Tue, 09 Aug 2022 07:26:56 GMT
content-length: 3956
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14554246805459894126
server: Tengine
cache-control: max-age=300,s-maxage=300
vary: Accept-Encoding
ali-swift-global-savetime: 1660030016
content-type: application/javascript
access-control-allow-origin: *
object-status: ttl=300,age=82
served-from: 23.199.73.102
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: GB_LONDON_201011
eagleid: 2ff62e9b16600300160477919e
x-oss-server-time: 3

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame BA1C 100 KB
26 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26506
x-xss-protection: 0
pragma: public
x-fb-debug: 2KOzy3NyQZgfoEOo2fXhDRGvRNLQdFwrG3YIkTt7Hmvt2pF1oLt6HIZ3/C+P1SIvyazBOxdhgnzShnJY9rg7+Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 09 Aug 2022 07:28:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame BA1C 49 KB
20 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1567
date: Tue, 09 Aug 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Aug 2022 09:02:00 GMT

GET
H2 200 H9f160b429e0548c29e7f24631e8276e58.png
ae01.alicdn.com/kf/ Frame BA1C 106 KB
107 KB 1256ms
175ms Image
image/png 79.133.177.251

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/H9f160b429e0548c29e7f24631e8276e58.png

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.251 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

7d4347d089ea6666874d39adc4872bba71aced349ed7388a397fbbe7ec13efda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://assets.alicdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 03:01:26 GMT
via: cache16.l2ot7-1[0,0,206-0,H], cache10.l2ot7-1[1,0], cache3.de3[0,0,200-0,H], cache14.de3[13,0]
eagleeye-traceid: 2ff6189616505964861227526e
age: 9433602
x-cache: HIT TCP_MEM_HIT dirn:12:872744049
x-swift-cachetime: 77055598
x-swift-savetime: Mon, 08 Aug 2022 06:41:28 GMT
content-length: 109043
access-control-allow-origin: *
last-modified: Mon, 18 May 2020 02:43:05 GMT
server: Tengine
cdn-type: alibaba
strict-transport-security: max-age=0
ali-swift-global-savetime: 1650596486
content-type: image/png
traceid: 2ff6189616505964861227526e
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleid: 4f85b1a216600300882213781e

GET
H2 200 rtrg
vk.com/ Frame BA1C 49 B
578 B 268ms
92ms Image
image/gif 87.240.190.67

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-208363-3NOqH

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.67 -, , ASN (),

Reverse DNS

Software

kittenx / KPHP/7.4.111826

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: gzip
x-frontend: front220005
server: kittenx
x-powered-by: KPHP/7.4.111826
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame BA1C 3 KB
1 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 06:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 Aug 2022 07:55:39 GMT

GET
H3 200 1650958108523345 Show response
connect.facebook.net/signals/config/ Frame BA1C 296 KB
86 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1650958108523345?v=2.9.73&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4340dac0f2496539b1778d691533bac2834d0f106e7bc9cff661de5bf63340b9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88168
x-xss-protection: 0
pragma: public
x-fb-debug: MHLVasVrXYaakbVUSbY6R42ACBPM90H6cfG4oc+S01+t2gwSaHje8dF0OWXDKY+DCPGJhRsxkRot1Nthv7MUAQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 09 Aug 2022 07:28:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 eg.js Show response
ru.mmstat.com/ Frame BA1C 91 B
333 B 432ms
95ms Script
application/javascript 47.246.133.151

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/eg.js?t=1660030087338
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.133.151 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4513bacbfbcfa137ecf5e037c9bfae92988f124f5969e176ed5533b80d5c1901

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:07 GMT
stag: 2
server: nginx
etag: "h/p4GwVA8SsCAVLHgi2/irez"
content-type: application/javascript
cache-control: no-cache
content-length: 91
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 / Show response
assets.alicdn.com/g/ Frame BA1C 502 B
816 B 69ms
68ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/??ae-ru/aer-gtm/main2.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/g-loader/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 82fe218fa264e98b0bb927b41f2dcb8e00c6ae070f985c669726b6d82ab78fde

Request headers

Referer: https://sale.aliexpress.ru/
Origin: https://sale.aliexpress.ru
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: gzip
x-oss-request-id: 62F19756133BAF3035833037
content-md5: mrAkvrpM0sRa0GRDgPs0pA==
x-swift-cachetime: 60
x-swift-savetime: Mon, 08 Aug 2022 23:08:06 GMT
content-length: 360
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17258456458180904391
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1660000086
content-type: application/javascript
access-control-allow-origin: *
served-from: 23.199.73.141
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: GB_LONDON_201011
eagleid: 2ff62e9916600000867557115e
x-oss-server-time: 1

GET
H3 200 /
www.facebook.com/tr/ Frame BA1C 44 B
88 B 68ms
68ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1650958108523345&ev=PageView&dl=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%265716%26cn%3D-%26cv%3D765823%26dp%3D82.199.130.45%26aff_fcid%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26terminal_id%3Db96d9e4b3b314ff2b5e050ca8720d09a&rl=http%3A%2F%2Fdaily.com.ua%2F&if=true&ts=1660030087394&sw=1600&sh=1200&v=2.9.73&r=stable&ec=0&o=30&it=1660030087228&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 09 Aug 2022 07:28:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame BA1C 211 KB
64 KB 297ms
63ms Script
application/javascript 2a00:1450:4001:82f::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RPK3ZC

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/??ae-ru/aer-gtm/main2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20fef418b12ae5524034cd9b3b223a9aa62367ca705c9316825a1d01268edacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65240
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Aug 2022 07:28:07 GMT

GET
H2 200 index.js Show response
assets.alicdn.com/g/sd/baxia-entry/ Frame BA1C 2 KB
2 KB 69ms
68ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/sd/baxia-entry/index.js?t=230559
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: ee4c4a06616979aaa2cfeffba5c8e5fad7cbdbc5850e89d41c9dbbb3e1717fb3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: gzip
x-oss-request-id: 62EB75D10833CB3331DC0419
content-md5: 8Sd3Zj0YQ4OjLLYZxi0iNQ==
x-swift-cachetime: 900
x-oss-hash-crc64ecma: 5381941029495664011
x-swift-savetime: Thu, 04 Aug 2022 07:31:29 GMT
content-length: 1157
x-oss-object-type: Normal
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1659598289
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=118, s-maxage=900
served-from: 23.47.58.155
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: SA_RIYADH_25019, GB_LONDON_201011
eagleid: 2ff6149916595982889024085e
x-oss-server-time: 7
expires: Tue, 09 Aug 2022 07:30:05 GMT

GET
H2 200 g.gif
ru.mmstat.com/ Frame BA1C 43 B
291 B 95ms
95ms Image
image/gif 47.246.133.151

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ru.mmstat.com/g.gif?logtype=0&title=&pre=http%3A%2F%2Fdaily.com.ua%2F&scr=1600x1200&_p_url=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%265716%26cn%3D-%26cv%3D765823%26dp%3D82.199.130.45%26aff_fcid%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26terminal_id%3Db96d9e4b3b314ff2b5e050ca8720d09a&cna=h/p4GwVA8SsCAVLHgi2/irez&spm-cnt=a2g0o.ams_103775_dfcon.0.0.2cfdkdCJkdCJqk&aplus=&sidx=aplusSidx&pageid=1828180eef178d0c7449068c235e5d85e2f2482cf4&dmtrack_b=%7Bifm%3D1%7Clogin%3D0%7D&dmtrack_c=%7Bacs_rt%3Db96d9e4b3b314ff2b5e050ca8720d09a%7Caep_usuc_f%3D-%7Caeu_cid%3D-%7D&ali_beacon_id=-&ali_apache_id=-&ali_apache_track=-&ali_apache_tracktmp=-&_p_uid=-&p=1&o=win10&b=chrome99&s=1600x1200&w=webkit&ism=pc&cache=99bbe8e&lver=8.15.21&jsver=aplus_int&pver=0.7.11&_pw=801&_ph=601&tag=0&stag=2&lstag=0&_slog=0
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.133.151 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:07 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame BA1C 205 KB
71 KB 184ms
183ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1b180241b262c5bd3dc07342b4bff2d11660801a558354699513cbc52cb79280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: br
last-modified: Mon, 08 Aug 2022 11:59:56 GMT
etag: "62f0d08c-118ed"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71917
expires: Tue, 09 Aug 2022 08:28:07 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ Frame BA1C 104 KB
23 KB 168ms
167ms Script
application/x-javascript 87.240.190.67

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.67 -, , ASN (),
Reverse DNS
Software: kittenx /
Resource Hash: f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: br
x-frontend: front220005
last-modified: Tue, 15 Mar 2022 10:42:47 GMT
server: kittenx
etag: "62306da7-5b1b"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23323
expires: Sat, 13 Aug 2022 07:28:07 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ Frame BA1C 26 KB
11 KB 410ms
173ms Script
application/javascript 95.163.52.67

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: daily.com.ua
URL: http://daily.com.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

bd375adfdf14a6b4f438327f7c0a701381f42cb0f183d3670f12db19d6cfc039

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Mon, 04 Jul 2022 20:25:23 GMT
server: nginx
etag: W/"62c34cb3-69b5"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 09 Aug 2022 08:28:08 GMT

GET
H2 200 index.js Show response
assets.alicdn.com/g/secdev/entry/ Frame BA1C 6 KB
4 KB 69ms
68ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=230559
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 854f681d1dacdae0195d5f1ccf3f98028d727a02aaf2bb3cbffd98adb64ac116

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: gzip
x-oss-request-id: 62EB65A05E5D6838393DAC80
content-md5: B4KA4C5fWzwPKntoJs1uFw==
x-swift-cachetime: 3600
x-oss-hash-crc64ecma: 940465563141125023
x-swift-savetime: Thu, 04 Aug 2022 06:22:25 GMT
content-length: 3084
x-oss-object-type: Normal
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1659594145
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=108, s-maxage=3600
served-from: 23.201.194.22
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: ID_MEDAN_23679, GB_LONDON_201011
eagleid: 0826799b16595941447091018e
x-oss-server-time: 4
expires: Tue, 09 Aug 2022 07:29:55 GMT

GET
H2 200 baxiaCommon.js Show response
assets.alicdn.com/g/sd/baxia/2.2.2/ Frame BA1C 25 KB
8 KB 72ms
72ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/sd/baxia/2.2.2/baxiaCommon.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia-entry/index.js?t=230559
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: a95355f826e9f8cdbce7ec47d9bf30deab8447080afb113be0c96a416f88449c

Request headers

Referer: https://sale.aliexpress.ru/
Origin: https://sale.aliexpress.ru
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: br
x-oss-request-id: 62E238F917A3813931C7B5BD
content-md5: Nw+TfLKRLM98mP3/38fp2w==
x-swift-cachetime: 86400
x-oss-hash-crc64ecma: 3814886829150220806
x-swift-savetime: Thu, 28 Jul 2022 07:21:29 GMT
content-length: 7899
x-oss-object-type: Normal
last-modified: Thu, 28 Jul 2022 07:21:30 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1658992889
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1554761, s-maxage=86400
served-from: 23.44.7.133
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: US_SANTACLARA_20940, GB_LONDON_201011
eagleid: a3b5279e16589928892592978e
x-oss-server-time: 2
expires: Sat, 27 Aug 2022 07:20:48 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame BA1C 44 B
88 B 68ms
68ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1650958108523345&ev=Microdata&dl=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%265716%26cn%3D-%26cv%3D765823%26dp%3D82.199.130.45%26aff_fcid%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26terminal_id%3Db96d9e4b3b314ff2b5e050ca8720d09a&rl=http%3A%2F%2Fdaily.com.ua%2F&if=true&ts=1660030087898&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Atype%22%3A%22activity%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsale.aliexpress.com%2Fcontinuation_default.htm%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fae01.alicdn.com%2Fkf%2FHTB18eCBQXXXXXXfXXXX760XFXXXa.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.73&r=stable&ec=1&o=30&it=1660030087228&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 09 Aug 2022 07:28:07 GMT

GET
H2 200 index.js Show response
assets.alicdn.com/g/secdev/sufei_data/3.9.10/ Frame BA1C 17 KB
7 KB 73ms
72ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/secdev/sufei_data/3.9.10/index.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=230559
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 8a978233505986e37cf952a7656e6c31f4a8d13902d76c68f28de30bf9f1d57c

Request headers

Referer: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Origin: https://sale.aliexpress.ru
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: br
x-oss-request-id: 62E6C5110205A43135415EB7
content-md5: CtQlEVirudc6Vat90k+/Zg==
x-swift-cachetime: 78401
x-oss-hash-crc64ecma: 13500841233386616122
x-swift-savetime: Sun, 31 Jul 2022 20:21:36 GMT
content-length: 6785
x-oss-object-type: Normal
last-modified: Mon, 01 Aug 2022 06:19:23 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1659290897
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1852858, s-maxage=86400
served-from: 2.22.23.143
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: US_CHICAGO_35994, GB_LONDON_201011
eagleid: 2ff6329c16593347631697418e
x-oss-server-time: 35
expires: Tue, 30 Aug 2022 18:09:05 GMT

GET
H2 200 g Show response
assets.alicdn.com/ Frame BA1C 130 KB
56 KB 79ms
78ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g??xlly/spl/rp.js,secdev/nsv/1.0.78/ns_e_88_3_f.js?v=1
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=230559
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 7c3f57578998b0b2eb65a73debe0a9aa882f094f40827a7ebbef211ef475d665

Request headers

Referer: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Origin: https://sale.aliexpress.ru
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: gzip
x-oss-request-id: 62F08D0213694735349EF7F6
content-md5: tdHs2vb8MWxdmyWdkGWDug==
x-swift-cachetime: 8539
x-swift-savetime: Tue, 09 Aug 2022 01:49:27 GMT
content-length: 56543
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12800617583171053160
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1659931906
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=66124, s-maxage=86400
served-from: 104.96.91.79
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: GB_LONDON_201011
eagleid: 2ff62e9916600097675937281e
x-oss-server-time: 6

GET
H2 200 et_f.js Show response
assets.alicdn.com/g/AWSC/et/1.62.5/ Frame BA1C 99 KB
31 KB 104ms
104ms Script
application/javascript 104.96.160.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/AWSC/et/1.62.5/et_f.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=230559
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.96.160.13 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-160-13.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 30eb1cb41cbc9145b5c0b8f7307e4aa3fee46b58886da757a01489c2a3c7ac27

Request headers

Referer: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Origin: https://sale.aliexpress.ru
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:07 GMT
content-encoding: br
x-oss-request-id: 62CBEA691BFB403330C301AB
content-md5: o8EIvgUjdPXVwoEuJeqmgg==
x-swift-cachetime: 86400
x-oss-hash-crc64ecma: 12624825629146983726
x-swift-savetime: Mon, 11 Jul 2022 09:16:26 GMT
content-length: 30884
x-oss-object-type: Normal
last-modified: Mon, 11 Jul 2022 09:16:27 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1657530986
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2422690, s-maxage=86400
served-from: 95.101.142.205
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: US_CHICAGO_35994, GB_LONDON_201011
eagleid: 2ff62c9816575309856552969e
x-oss-server-time: 114
expires: Tue, 06 Sep 2022 08:26:17 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame BA1C 43 B
75 B 95ms
95ms Ping
image/gif 47.246.133.151

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.133.151 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://sale.aliexpress.ru/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:07 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame BA1C 43 B
98 B 95ms
95ms Ping
image/gif 47.246.133.151

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.133.151 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://sale.aliexpress.ru/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:08 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame BA1C 43 B
75 B 95ms
95ms Ping
image/gif 47.246.133.151

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.133.151 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://sale.aliexpress.ru/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:08 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame BA1C 43 B
75 B 96ms
96ms Ping
image/gif 47.246.133.151

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.133.151 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://sale.aliexpress.ru/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:08 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame BA1C 43 B
75 B 96ms
95ms Ping
image/gif 47.246.133.151

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.133.151 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://sale.aliexpress.ru/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:08 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame BA1C 43 B
75 B 183ms
183ms Ping
image/gif 47.246.133.151

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.133.151 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://sale.aliexpress.ru/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:08 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame BA1C 43 B
75 B 187ms
187ms Ping
image/gif 47.246.133.151

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: daily.com.ua
URL: http://daily.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.133.151 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://sale.aliexpress.ru/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:08 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET ts
fourier.aliexpress.com/ Frame BA1C 0
0

GET
H2 200 rtrg
vk.com/ Frame BA1C 49 B
363 B 92ms
92ms Image
image/gif 87.240.190.67

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-1297936-4yE21&metatag_url=https%3A%2F%2Fsale.aliexpress.com%2Fcontinuation_default.htm

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.67 -, , ASN (),

Reverse DNS

Software

kittenx / KPHP/7.4.111826

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:08 GMT
content-encoding: gzip
x-frontend: front220005
server: kittenx
x-powered-by: KPHP/7.4.111826
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET rp
fourier.taobao.com/ Frame BA1C 0
0

GET
H2 200 29739640 Show response
mc.yandex.com/watch/ Frame BA1C 1 KB
1 KB 93ms
93ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29739640?wmode=7&page-url=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%265716%26cn%3D-%26cv%3D765823%26dp%3D82.199.130.45%26aff_fcid%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26terminal_id%3Db96d9e4b3b314ff2b5e050ca8720d09a&page-ref=http%3A%2F%2Fdaily.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A1596069376857%3Ahid%3A688812420%3Az%3A0%3Ai%3A20220809072808%3Aet%3A1660030088%3Ac%3A1%3Arn%3A578985068%3Arqn%3A1%3Au%3A1660030088454999969%3Aw%3A801x601%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1660030082655%3Ads%3A0%2C0%2C104%2C1%2C3727%2C0%2C%2C472%2C9%2C%2C%2C%2C4305%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660030088%3At%3A&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia/2.2.2/baxiaCommon.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

91454b54d0145d637e3cf4decf201a4765f473eaea4d7d3f117b7bcf97f0b1f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 09-Aug-2022 07:28:08 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sale.aliexpress.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 1198
x-xss-protection: 1; mode=block
expires: Tue, 09-Aug-2022 07:28:08 GMT

GET
H2 200 64660789 Show response
mc.yandex.com/watch/ Frame BA1C 1 KB
1 KB 97ms
95ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/64660789?wmode=7&page-url=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%265716%26cn%3D-%26cv%3D765823%26dp%3D82.199.130.45%26aff_fcid%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26terminal_id%3Db96d9e4b3b314ff2b5e050ca8720d09a&page-ref=http%3A%2F%2Fdaily.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A2%3Adp%3A0%3Als%3A1366938987420%3Ahid%3A688812420%3Az%3A0%3Ai%3A20220809072808%3Aet%3A1660030088%3Ac%3A1%3Arn%3A9213107%3Arqn%3A1%3Au%3A1660030088454999969%3Aw%3A801x601%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1660030082655%3Ads%3A0%2C0%2C104%2C1%2C3727%2C0%2C%2C472%2C9%2C%2C%2C%2C4305%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660030088%3At%3A&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)ecs(0)rqnl(1)ti(2)

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia/2.2.2/baxiaCommon.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

89b2fa54d172e6f9072718db5b1489d910b4546ff1c957f1b797c878e18e4ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 09-Aug-2022 07:28:08 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sale.aliexpress.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 1202
x-xss-protection: 1; mode=block
expires: Tue, 09-Aug-2022 07:28:08 GMT

GET
H2 200 ts
fourier.aliexpress.com/ Frame BA1C 0
0 1558ms
124ms Image
application/json 47.254.177.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fourier.aliexpress.com/ts?url=https%3A%2F%2Fmc.yandex.com%2Fwatch%2F29739640%3Fwmode%3D7%26page-url%3Dhttps%253A%252F%252Fsale.aliexpress.ru%252Fru%252F__pc%252Fcontinuation_default.htm%253Faf%253Da%25265716%2526cn%253D-%2526cv%253D765823%2526dp%253D82.199.130.45%2526aff_fcid%253Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%2526tt%253DCPS_NORMAL%2526aff_fsk%253D_AtqYLP%2526aff_platform%253Dportals-tool%2526sk%253D_AtqYLP%2526aff_trace_key%253Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%2526terminal_id%253Db96d9e4b3b314ff2b5e050ca8720d09a%26page-ref%3Dhttp%253A%252F%252Fdaily.com.ua%252F%26charset%3Dutf-8%26browser-info%3Dpv%253A1%253Agdpr%253A14%253Avf%253A1hc9dnhfark502dexbw1k%253Afu%253A0%253Aen%253Autf-8%253Ala%253Aen-US%253Av%253A850%253Acn%253A1%253Adp%253A0%253Als%253A1596069376857%253Ahid%253A688812420%253Az%253A0%253Ai%253A20220809072808%253Aet%253A1660030088%253Ac%253A1%253Arn%253A578985068%253Arqn%253A1%253Au%253A1660030088454999969%253Aw%253A801x601%253As%253A1600x1200x24%253Ask%253A1%253Aifr%253A1%253Acpf%253A1%253Ans%253A1660030082655%253Ads%253A0%252C0%252C104%252C1%252C3727%252C0%252C%252C472%252C9%252C%252C%252C%252C4305%253Awv%253A2%253Aco%253A0%253Arqnl%253A1%253Ast%253A1660030088%253At%253A%26t%3Dgdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2)&token=BODgXcq-ltEaNSrVBmbQSjZTse6y6cSzHcZHzlrxrPuOVYB_AvmUQ7Zj7WVVfnyL&cna=h%2Fp4GwVA8SsCAVLHgi2%2Firez&ext=0
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 47.254.177.101 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET ts
fourier.aliexpress.com/ Frame BA1C 0
0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame BA1C 43 B
136 B 98ms
92ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:08 GMT
last-modified: Mon, 08 Aug 2022 11:59:56 GMT
etag: "62f0d08c-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Aug 2022 08:28:08 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ Frame BA1C 43 B
959 B 87ms
87ms Image
image/gif 95.163.52.67

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3171181;u=https%3A//sale.aliexpress.ru/ru/__pc/continuation_default.htm%3Faf%3Da%265716%26cn%3D-%26cv%3D765823%26dp%3D82.199.130.45%26aff_fcid%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26terminal_id%3Db96d9e4b3b314ff2b5e050ca8720d09a;r=http%3A//daily.com.ua/;st=1660030086960;pid=-;s=1600*1200;vp=801*601;touch=0;hds=1;frame=1;flash=;sid=af99d00f0192357d;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.7//4g/0/0/;lvid=1660030088254%3A1660030088255%3A1%3Af649dfd6bb86af36355968058a33d8e7;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.38151544421389816

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:08 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 counter
top-fwz1.mail.ru/ Frame BA1C 43 B
961 B 88ms
88ms Image
image/gif 95.163.52.67

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3074137;u=https%3A//sale.aliexpress.ru/ru/__pc/continuation_default.htm%3Faf%3Da%265716%26cn%3D-%26cv%3D765823%26dp%3D82.199.130.45%26aff_fcid%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26terminal_id%3Db96d9e4b3b314ff2b5e050ca8720d09a;r=http%3A//daily.com.ua/;st=1660030086960;pid=-;s=1600*1200;vp=801*601;touch=0;hds=1;frame=1;flash=;sid=af99d00f0192357d;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.7//4g/0/0/;lvid=1660030088254%3A1660030088256%3A2%3Af649dfd6bb86af36355968058a33d8e7;opts=sec%2Cdl%2Cjst-gtag-ga-ym;visible=true;_=0.6375678628823842

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:28:08 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 sync_cookie Show response
an.yandex.ru/ Frame BA1C 182 B
558 B 615ms
96ms XHR
application/json 2a02:6b8::90

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/sync_cookie?wmode=7&duid=1660030088454999969&hid=688812420

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia/2.2.2/baxiaCommon.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

63c4a496badd93860084103fdf0c769d664502ef32b4dc15e44431ea7f42b33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:08 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 07:28:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sale.aliexpress.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 09 Aug 2022 07:28:08 GMT

GET
H2

200

/
an.yandex.ru/mapuid/google/ Frame BA1C
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_ag&enable_guid_cm_redir=1&google_ula=7186619844&duid=1660030088454999969
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_ag&enable_guid_cm_redir=1&google_ula=7186619844&duid=1660030088454999969
https://cm.g.doubleclick.net/pixel?google_hm=1944B8AD3ECA4733&google_nid=yandex_ag&google_ula=7186619844&google_cm
https://an.yandex.ru/mapuid/google/?partner-tag=yandex_ag&ssp-id=17298340&google_gid=CAESEDcGxkl6d8Bwzd3D0VIyPzY&google_cver=1&google_ula=7186619844,0

43 B
99 B

100ms
100ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_ag&ssp-id=17298340&google_gid=CAESEDcGxkl6d8Bwzd3D0VIyPzY&google_cver=1&google_ula=7186619844,0

Requested by

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:09 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 07:28:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 09 Aug 2022 07:28:09 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/mapuid/google/?partner-tag=yandex_ag&ssp-id=17298340&google_gid=CAESEDcGxkl6d8Bwzd3D0VIyPzY&google_cver=1&google_ula=7186619844,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame BA1C
Redirect Chain

https://an.yandex.ru/mapuid/betweenx/?duid=1660030088454999969
https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1&duid=1660030088454999969
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=6E3FAE55AF84E610
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=6E3FAE55AF84E610&crf=1

68 B
607 B

65ms
64ms

Image
image/png

188.42.196.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=6E3FAE55AF84E610&crf=1
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Protocol: H2
Server: 188.42.196.115 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=161&external_user_id=6E3FAE55AF84E610&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

sync
t.adx.opera.com/ Frame BA1C
Redirect Chain

https://an.yandex.ru/mapuid/operacom/?duid=1660030088454999969
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1&duid=1660030088454999969
https://t.adx.opera.com/sync?vendor=60143&uid=990BED7400D5D287

35 B
463 B

156ms
51ms

Image
image/gif

82.145.213.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=990BED7400D5D287
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5716&cn=-&cv=765823&dp=82.199.130.45&aff_fcid=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP&terminal_id=b96d9e4b3b314ff2b5e050ca8720d09a
Protocol: H2
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:09 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 07:28:09 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 07:28:09 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=990BED7400D5D287
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 09 Aug 2022 07:28:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jsn.lentainform.com
URL: http://jsn.lentainform.com/d/a/daily.com.ua.6158.js?t=122797

Domain: jsn.dt00.net
URL: http://jsn.dt00.net/d/a/daily.com.ua.13443.js?t=1227

Domain: fourier.aliexpress.com
URL: https://fourier.aliexpress.com/ts?url=http%3A%2F%2Fdaily.com.ua%2F&token=BB4epDgo8LuolCTf9JA2cIRNb7Rg3-JZD6jJRMinimFc677FMG8yaUSN429nSNpx&cna=h%2Fp4GwVA8SsCAVLHgi2%2Firez&ext=1

Domain: fourier.taobao.com
URL: https://fourier.taobao.com/rp?ext=51&data=jm_h/p4GwVA8SsCAVLHgi2/irez&random=821805115415168&href=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%265716%26cn%3D-%26cv%3D765823%26dp%3D82.199.130.45%26aff_fcid%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%26terminal_id%3Db96d9e4b3b314ff2b5e050ca8720d09a&protocol=https:

Domain: fourier.aliexpress.com
URL: https://fourier.aliexpress.com/ts?url=https%3A%2F%2Fmc.yandex.com%2Fwatch%2F64660789%3Fwmode%3D7%26page-url%3Dhttps%253A%252F%252Fsale.aliexpress.ru%252Fru%252F__pc%252Fcontinuation_default.htm%253Faf%253Da%25265716%2526cn%253D-%2526cv%253D765823%2526dp%253D82.199.130.45%2526aff_fcid%253Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%2526tt%253DCPS_NORMAL%2526aff_fsk%253D_AtqYLP%2526aff_platform%253Dportals-tool%2526sk%253D_AtqYLP%2526aff_trace_key%253Db6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%2526terminal_id%253Db96d9e4b3b314ff2b5e050ca8720d09a%26page-ref%3Dhttp%253A%252F%252Fdaily.com.ua%252F%26charset%3Dutf-8%26browser-info%3Dpv%253A1%253Agdpr%253A14%253Avf%253A1hc9dnhfark502dexbw1k%253Afu%253A0%253Aen%253Autf-8%253Ala%253Aen-US%253Av%253A850%253Acn%253A2%253Adp%253A0%253Als%253A1366938987420%253Ahid%253A688812420%253Az%253A0%253Ai%253A20220809072808%253Aet%253A1660030088%253Ac%253A1%253Arn%253A9213107%253Arqn%253A1%253Au%253A1660030088454999969%253Aw%253A801x601%253As%253A1600x1200x24%253Ask%253A1%253Aifr%253A1%253Acpf%253A1%253Ans%253A1660030082655%253Ads%253A0%252C0%252C104%252C1%252C3727%252C0%252C%252C472%252C9%252C%252C%252C%252C4305%253Awv%253A2%253Aco%253A0%253Arqnl%253A1%253Ast%253A1660030088%253At%253A%26t%3Dgdpr(14)clc(0-0-0)aw(1)rqnt(1)ecs(0)rqnl(1)ti(2)&token=BGFhX0PZp8Jjugu2P2FBuT_McC17DtUAhIkmbcM2XWjHKoH8C17l0I9sjMas-W04&cna=h%2Fp4GwVA8SsCAVLHgi2%2Firez&ext=0

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

160 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
daily.com.ua/	1970-01-20 13:39:48	Name: sid Value: 0liikg5rnb2o2t9vpcqv5ml60p
daily.com.ua/	1969-12-31 23:59:59	Name: b Value: b
.w.uptolike.com/	1970-01-20 14:43:10	Name: utl_id2 Value: 28382322572
.w.uptolike.com/	1970-01-20 14:43:10	Name: utl_dat Value: "CIa4g4yoMBAAIIaJzpSoMCiGic6UqDAwAGdG6tiaeKPyG7v8OwaC+SE="
.daily.com.ua/	1970-01-20 14:43:10	Name: _ga Value: GA1.3.652463994.1660030083
.daily.com.ua/	1970-01-20 05:08:36	Name: _gid Value: GA1.3.201914646.1660030083
.daily.com.ua/	1970-01-20 05:07:10	Name: _gat Value: 1
.yadro.ru/	1970-01-20 13:52:08	Name: FTID Value: 1YyWo20SOXeN1YyWo2003Tdg
.yadro.ru/	1970-01-20 13:52:08	Name: VID Value: 1QJeAs1ylCON1YyWo2003TeX
.daily.com.ua/	1970-01-20 14:28:46	Name: __gads Value: ID=52e468ee286eb896-22fd3b15eacd0081:T=1660030082:RT=1660030082:S=ALNI_MbcJbdZE5zR5G7bRroyksIBRUecqA
.daily.com.ua/	1970-01-20 13:52:46	Name: _ym_uid Value: 16600300831047870787
.daily.com.ua/	1970-01-20 13:52:46	Name: _ym_d Value: 1660030083
.mc.yandex.com/	1970-01-20 05:07:10	Name: sync_cookie_csrf Value: 3122778300fake
.daily.com.ua/	1970-01-20 05:08:22	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 05:07:10	Name: sync_cookie_csrf Value: 3287832734fake
.doubleclick.net/	1970-01-20 14:28:46	Name: IDE Value: AHWqTUmkM_P-sX18t5xRRgHmc9fHezyHtfy_BI_slm0uoAC5mP3xPJkPtUa_CiVDIfE
.crypto.com/	1970-01-20 05:07:11	Name: __cf_bm Value: Laocq6sVqh.9Li_hfLhxMtTMR7TD47xZwz6wmSLM9aU-1660030083-0-AeB/W/phV8iMTHRFRwnKQgnnpNDbUUmyDEz8HQOAgrvADCzuGjt/IXqpFBghIC2NE++VZfG2mln6TVXOESPHsVc=
.iqbroker.com/	1970-01-20 05:51:48	Name: IsRestrictedCountry Value: false
.iqbroker.com/	1970-01-20 05:51:48	Name: IsRegulatedCountry Value: true
.iqbroker.com/	1970-01-20 05:51:48	Name: Country Value: de
.iqbroker.com/	1970-01-20 05:51:48	Name: CountryID Value: 78
.iqbroker.com/	1970-01-20 05:51:48	Name: landing Value: /lp/ultimate-trading/
.iqbroker.com/	1970-01-20 05:51:48	Name: aff Value: 7792
.iqbroker.com/	1970-01-20 05:51:48	Name: retrack Value:
.iqbroker.com/	1970-01-20 05:51:48	Name: affextra Value:
.iqbroker.com/	1970-01-20 05:51:48	Name: afftrack Value:
.iqbroker.com/	1970-01-20 05:51:48	Name: aff_model Value:
.iqbroker.com/	1970-01-20 05:51:48	Name: aff_ts Value: 2022-08-09T07:28:03Z
.iqbroker.com/	1970-01-20 05:51:48	Name: AffTrackGroup Value: Black_team_(partnerka)
.iqbroker.com/	1970-01-20 05:51:48	Name: Serv Value: NL
.iqbroker.com/	1970-01-20 05:51:48	Name: referrer Value: https://hlmiq.com/
.iqbroker.com/	1970-01-20 05:51:48	Name: AppID Value: id871125783
.iqbroker.com/	1970-01-20 05:17:14	Name: brand_id Value: 1
.iqbroker.com/	1970-01-20 05:51:48	Name: platform Value: 9
.iqbroker.com/	1970-01-20 05:51:48	Name: client_platform_id Value: 9
.iqbroker.com/	1970-01-20 05:51:48	Name: support_email Value: support@eu.iqoption.com
.iqbroker.com/	1970-01-20 05:51:48	Name: company_id Value: 1
.iqbroker.com/	1970-01-20 05:51:48	Name: IsAppStoreCountry Value: true
.iqbroker.com/	1970-01-20 05:51:48	Name: RedirectDomain Value: iqoption.com
.iqbroker.com/	1970-01-20 05:51:48	Name: RedirectDomains Value: iqoption.com,iqtrading.asia
.iqbroker.com/	1970-01-20 05:51:48	Name: linkPolicy Value: /en/terms-and-conditions/privacy-policy-new
.iqbroker.com/	1970-01-20 05:51:48	Name: linkTerms Value: /en/terms-and-conditions/terms-and-conditions
.yandex.com/	1970-01-20 13:52:46	Name: yandexuid Value: 8106567191660030083
.yandex.com/	1970-01-20 13:52:46	Name: yuidss Value: 8106567191660030083
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2386455981660030083
.yandex.com/	1970-01-20 14:43:10	Name: i Value: 9spo0LwcdIKHEWeE7CMd6+q2JkdL/JkB9BQxPWMO57GBxz7+n1W7WwLNqSZH4ZsrPu+WpEFAkgW4rmcHFwt3lZgW1wQ=
.yandex.com/	1970-01-20 13:52:46	Name: ymex Value: 1691566083.yrts.1660030083#1691566083.yrtsi.1660030083
chaturbate.com/	1970-01-20 05:14:22	Name: u_hr8m Value: 1
chaturbate.com/	1969-12-31 23:59:59	Name: us_hr8m Value: 1
.chaturbate.com/	1970-01-20 05:50:22	Name: affkey Value: eJwdjEEOgCAMBL9iejYSPBl+06CAkQqWcjL+3ZTjzGz2BQE3QeKNYJ7AU1VssdhbWfhS3o+APYsaHnOR2pwxKdP5LL6Q0YQhaMTIvaGK8bVa+H7HHxyJ
.chaturbate.com/	1969-12-31 23:59:59	Name: fromaffiliate Value: 1
chaturbate.com/	1970-01-20 05:07:31	Name: noads Value: 1
.chaturbate.com/	1970-01-20 14:43:10	Name: sbr Value: sec:sbr612820fe-2b67-4f5a-bcc4-590bc4e7e34a:1oLJel:cIOFA9rE3iAYEnKnEsLh_usp-2o
.chaturbate.com/	1970-01-20 05:07:11	Name: __cf_bm Value: rlMLqRiPXx75R8M13h14nYBIRVhCpK8FN5HKRdskYFY-1660030083-0-AX8q/xNnoUyj/O38j4/kUcqyQ+GKGCwD/GALYcte/mo2b/01g7tZNZv42LwX7ZF5pYTmS2S3iVbGBy2IQ3PVksY=
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=5alpkfifr4iu&acs_rt=b96d9e4b3b314ff2b5e050ca8720d09a
.aliexpress.com/	1970-01-20 14:43:10	Name: aeu_cid Value: b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP
.aliexpress.com/	1970-01-20 07:16:46	Name: xman_t Value: 8jf+elNoyhVq+QhMWsIACaLJbh1uBDDzlKfN5Qip+eK91aG23lQo25ND2YSfHZ50
.aliexpress.com/	1970-01-20 14:43:10	Name: xman_f Value: lfSi6LwAfS6vCGUDhRAs8Tn9lRBtCu64isDx4/lATWfk+ca1E+xI5cBSet/dbBTr9JFv6C0fU3wjwH4j17ZlOzmn97GMDZIJ+/9y1fZd8PVJ+gR1PKg2xg==
.aliexpress.com/	1970-01-20 14:43:10	Name: af_ss_a Value: 1
my28.roboforex.org/	1970-01-20 05:50:22	Name: PHPSESSID Value: 6irool0278r352d1dcns38mu17
.paxful.com/	1970-01-20 05:07:11	Name: __cf_bm Value: KsX0k5sxbVDteMcRRZsidvzyFuRPnXTuVqBQMEZzFLU-1660030083-0-AUzoXJdlnVMSNzWgyxp8wreJG+4/bkqWQAjKKgtwLU3OOXwOFi7JGhZcW2fhU3NMxBx6mvVRVP5fEq5Yq57oamA=
.roboforex.org/	1970-01-20 05:51:48	Name: agent_id Value: zkeb%7C%7C1662708483
my28.roboforex.org/	1970-01-20 05:07:13	Name: request_agent_id Value: zkeb
.doubleclick.net/	1970-01-20 05:07:13	Name: DSID Value: NO_DATA
.chaturbate.com/	1970-01-20 13:51:19	Name: csrftoken Value: oxlAYwWPa11zbQ7TLVjzToUqJYmiiJzIETLXkOw17wEd0Q0fyGweGCnrD3svZzdy
chaturbate.com/	1970-01-20 05:50:22	Name: stcki Value: "vLZUr3=1\054qEilRr=0\054pe5pH_=0\054pkDvH5=0\054pOtSwZ=0\054FqPd9a=1\0546pduSG=0\054aDBbcK=0\054d13oh_=1\0544E89Nm=0\0548d5ntL=1"
.lightinthebox.com/	1970-01-20 13:52:46	Name: first_visit_time Value: cd516c3896ab04ac05fce432a178bbc3
.lightinthebox.com/	1970-01-20 05:07:11	Name: vela_s_c Value: 42
.lightinthebox.com/	1970-01-20 05:07:38	Name: vela_v_c Value: 42
.lightinthebox.com/	1970-01-20 05:17:14	Name: vela_w_c Value: 42
.lightinthebox.com/	1970-01-20 05:50:22	Name: vela_m_c Value: 42
.lightinthebox.com/	1970-01-20 07:16:46	Name: vela_3m_c Value: 42
.lightinthebox.com/	1970-01-20 05:50:22	Name: vela_m_ca Value: 42
.lightinthebox.com/	1970-01-20 05:07:11	Name: vela_s Value: 62f20c83ca8f0
.lightinthebox.com/	1970-01-20 05:50:22	Name: vela_m Value: 62f20c83ca8f6
.lightinthebox.com/	1970-01-20 07:16:46	Name: vela_3m Value: 62f20c83ca8fa
.lightinthebox.com/	1970-01-20 05:07:38	Name: vela_v Value: 62f20c83ca8fe
.lightinthebox.com/	1970-01-20 05:17:14	Name: vela_w Value: 62f20c83ca902
.lightinthebox.com/	1970-01-20 05:08:36	Name: vela_device Value: desktop
.lightinthebox.com/	1970-01-20 13:52:46	Name: vela_is_first_visit Value: 1
.lightinthebox.com/	1970-01-20 06:11:58	Name: affi Value: 664b08e55c41be35e1e822fee3b61691
.lightinthebox.com/	1970-01-20 05:50:22	Name: local Value: en%7CDE%7CEUR
paxful.com/	1970-01-20 05:08:32	Name: __cflb Value: 02DiuJc4sPDmgGhTNdPAoBuf263XWhoXvfPF9kDidbZ4g
.bongacams10.com/	1970-01-20 05:07:11	Name: __cf_bm Value: H4ykDS6QyhJ4I0o0tGB1.6JEZTI7wqey2j_AFWFUkCU-1660030084-0-AXZKgpTxW0WYT17CSbLWBxJqmdt9wbisV2huNqqVFibPYEA7HxLr4k6LvRI4CD2JnmPPW1nEOn3Ltoa21ISfsVg=
.miniinthebox.com/	1970-01-20 13:52:46	Name: first_visit_time Value: cd516c3896ab04ac05fce432a178bbc3
.miniinthebox.com/	1970-01-20 05:07:11	Name: vela_s_c Value: 42
.miniinthebox.com/	1970-01-20 05:07:38	Name: vela_v_c Value: 42
.miniinthebox.com/	1970-01-20 05:17:14	Name: vela_w_c Value: 42
.miniinthebox.com/	1970-01-20 05:50:22	Name: vela_m_c Value: 42
.miniinthebox.com/	1970-01-20 07:16:46	Name: vela_3m_c Value: 42
.miniinthebox.com/	1970-01-20 05:50:22	Name: vela_m_ca Value: 42
.miniinthebox.com/	1970-01-20 05:07:11	Name: vela_s Value: 62f20c83cc967
.miniinthebox.com/	1970-01-20 05:50:22	Name: vela_m Value: 62f20c83cc972
.miniinthebox.com/	1970-01-20 07:16:46	Name: vela_3m Value: 62f20c83cc97a
.miniinthebox.com/	1970-01-20 05:07:38	Name: vela_v Value: 62f20c83cc991
.miniinthebox.com/	1970-01-20 05:17:14	Name: vela_w Value: 62f20c83cc999
.miniinthebox.com/	1970-01-20 05:08:36	Name: vela_device Value: desktop
.miniinthebox.com/	1970-01-20 13:52:46	Name: vela_is_first_visit Value: 1
.miniinthebox.com/	1970-01-20 06:11:58	Name: affi Value: 664b08e55c41be35e1e822fee3b61691
.miniinthebox.com/	1970-01-20 07:16:46	Name: feature Value: V7536_B
.miniinthebox.com/	1970-01-20 05:50:22	Name: local Value: en%7CDE%7CEUR
.creativemarket.com/	1970-01-20 05:07:11	Name: __cf_bm Value: k5y0Fh.2bp4vUFEuKCmEi0_ro2qwGxAlYKMcLK6kDWc-1660030084-0-ATylrXy/6A09YLz/EWXcbwlfJYAkL+u8RCDb9Yljznx1QXbBGSVcCFlH6SJ5rVQBngiG6nBwZQ24w8GZqrwJn7cnV1TkD+wI1l8pgdC2QuA1
get.mona.co/	1970-01-20 13:52:46	Name: _s Value: a4ftKfmt2qxRiPgnDcwixa5%2BCgUwNE2RayEnZF8DXJPapedwJdp%2FrCTQvEfuyHcg
cex.io/	1969-12-31 23:59:59	Name: cex-session Value: s%3A8muaGIrhxQNvmc3335w-MQeY.4gx100nuPnDnx3W%2F4ZDcCRM%2BjWldH7UPIEA0XswKD60
.hotels.com/	1970-01-20 05:07:11	Name: HMS Value: dc71772a-8ede-460a-b00f-29f791ba5fd8
.hotels.com/	1970-01-20 14:43:10	Name: MC1 Value: GUID=cdcc96674ac34ebaacceb2423ce17b5a
.hotels.com/	1970-01-20 14:43:10	Name: DUAID Value: cdcc9667-4ac3-4eba-acce-b2423ce17b5a
.hotels.com/	1970-01-20 14:43:10	Name: OIP Value: gdpr\|-1
.hotels.com/	1970-01-20 05:17:14	Name: CRAS Value: HCOM-CH.DIRECT.PHG.1100l95727
de.hotels.com/	1970-01-20 06:33:34	Name: akacd_pr_20 Value: 1665214084~rv=22~id=968bf4d0faf04665ed388e895091fa55
.activecampaign.com/	1970-01-20 05:07:11	Name: __cf_bm Value: zGR_IiNM8SkgBuouFc_swnxxqOGlEg.ygJKCoGsggO4-1660030084-0-ARG9snnrcYS3txFr6XD0PzOpX1SUQu/WvRC0uW7xQnVY8FMZOGYOETZ+d0dVeV0rpk3S0cWF5ukAMsgcAnapCYM=
.bongacams.com/	1969-12-31 23:59:59	Name: bonga20120608 Value: 6021485130757810d023a841f572e339
.bongacams.com/	1970-01-20 05:07:11	Name: __cf_bm Value: LJitUkqlQSknHX5FHSnblCrXAobzM2s6rZCkRldywN8-1660030084-0-AU5KUg0ZXj7NvG0RxqeKSGvGtdCAb1SJ081/AQDLwv83BLY5YfXrZx8waMiJiX58zZEjCkmy6G0oiPgPcE+xwNs=
.app.link/	1970-01-20 13:52:46	Name: _s Value: dHaJzDMfYY2YXZZvfOj2MQYuIGqv2nYVFGxYz21%2FRYCnNr5U3LyIOBpKSSWFDhSB
www.hotelscombined.com/	1970-01-20 14:43:10	Name: Apache Value: UseCLQ-AAABgoGA5iM-7d-YFtcSw
www.hotelscombined.com/	1970-01-20 05:07:12	Name: cluster Value: 5
www.hotelscombined.com/	1970-01-20 14:43:10	Name: kayak Value: bEOEtMlkUiG_S94OTusX
www.hotelscombined.com/	1969-12-31 23:59:59	Name: p1.med.sid Value: R-5$uhO6CCclkwA0fwYWgD$-1OKrlY2ycmAUASGLqnxwN1DWSzcYaTXe0nGX13HDh
www.hotelscombined.com/	1970-01-20 05:50:22	Name: kanid Value: kan_172493
www.hotelscombined.com/	1970-01-20 14:43:10	Name: languageCode Value: EN
www.hotelscombined.com/	1970-01-20 14:43:10	Name: currencyCode Value: USD
www.hotelscombined.com/	1970-01-20 14:43:10	Name: kmkid Value: AMPLnkzDtWLosKZRuMdFVyg
www.hotelscombined.com/	1970-01-20 05:50:22	Name: a_aid Value: 172493
www.hotelscombined.com/	1969-12-31 23:59:59	Name: brandId Value:
www.hotelscombined.com/	1969-12-31 23:59:59	Name: label Value:
www.hotelscombined.com/	1970-01-20 05:50:22	Name: Mobile Value: 0
www.hotelscombined.com/	1970-01-20 05:50:22	Name: visitor Value: id=973f5631-c8d6-4a2e-8c20-b6d99b1b31c2&tracked=false
www.hotelscombined.com/	1970-01-20 05:07:24	Name: visit Value: date=2022-08-09T17:28:04.674473+10:00&id=d4f60de7-1c9e-4844-b329-d10fb91f57ab
www.hotelscombined.com/	1969-12-31 23:59:59	Name: QueryBasedAffiliate Value: 11
www.hotelscombined.com/	1970-01-20 14:43:10	Name: kayak.mc Value: 279$bEOEtMlkUiG_S94OTusX$AatrOXNMSeHNhO6SMWVKo3haQ_LHU19nwY-9CpoiOi7JYfyLsSpE2LVo7rRNEtwedHwF22WHtw64KOiKtehEM7OZYhSjbzphoPnLuB-Nh7wkwCmq6gkLHSn9D6Ct3qMzWmNV0wuCPEyTiP3a-Lsh_NAvW4WBGeLKugnCtA-5A3YN50MLkA3qcnJXmXjlVW5UTDb2fPUFIFyPvrDqXRahXHrT2G5k2wMvGf7VNe5PyJzXIxmKaJiQh7Wj7p2JH1M2BX2fUC8eDW6GCN3m_bJKo3Q
.changelly.com/	1970-01-20 09:35:00	Name: WTP_AB_variant Value: 2
.changelly.com/	1970-01-20 05:51:48	Name: send_funds_hint_ABvariant Value: default
.changelly.com/	1970-01-20 14:43:10	Name: user_id Value: e881baca-4b13-42fe-ad6b-1a93e334b07f
.changelly.com/	1969-12-31 23:59:59	Name: ref_id Value: t68bpi9bnrma1q8f
.changelly.com/	1970-01-20 05:51:48	Name: ipcountry Value: DE
.changelly.com/	1969-12-31 23:59:59	Name: time Value: 1660030084831
.changelly.com/	1970-01-20 07:16:46	Name: __zrtbanner49 Value: b72d121c-1628-4fec-aca9-d8af34781ec3
.thelotter.com/	1970-01-20 13:52:12	Name: visid_incap_1066313 Value: Z5Ij1rx/RGy40LmtBGxxgoQM8mIAAAAAQUIPAAAAAADas2jrMz0M8oHauNYGGNsC
.thelotter.com/	1969-12-31 23:59:59	Name: incap_ses_728_1066313 Value: YwZ6UJwCTHbsUcnZQmAaCoQM8mIAAAAAm2NEmeTeD11Z+9xe81SVDA==
.mona.co/	1970-01-20 05:07:11	Name: __cf_bm Value: V.xxWOAVcUyGeAzLuD2irJsjvj.17qz.x62blyyorOY-1660030085-0-AWRKQOlGFLlSoaXOjPZd1FG0xoaey07wOOw1lNaJIxxcjOVJueaAcPEZ3/AwIi2BDPIE6XAxsDl/Bd0h3X9SL3yFm7yuhC+b+CeoyWKtFhHX
.mona.co/	1969-12-31 23:59:59	Name: __cfruid Value: 3a8173acf0612cbadc9a4561345f8cc3645cc15b-1660030085
.stripchat.com/	1970-01-20 07:16:46	Name: stripchat_com_guestId Value: 1b5ce72702d7c86997b7c2cd3a113b2e8967b1f0105ec729a339154f30b5
.stripchat.com/	1970-01-20 07:16:46	Name: stripchat_com_affiliateId Value: 73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
stripchat.com/	1970-01-20 05:08:32	Name: __cflb Value: 02DiuFntVtrkFMde1djrXQGQGA3HLVDMmGYD6UKRKejYp
.bongacams.com/	1970-01-20 09:26:22	Name: BONGAH_HIT Value: 2cada50f1232f32e1a74d6ff6d71cf08%3A%3A183346%3A%3Ahttps%3A%2F%2Fhlmiq.com%2F%3A%3A%3A%3A%3A%3A287325%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3A%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-08-09%2010%3A28%3A04
.bongacams.com/	1970-01-20 13:52:46	Name: sg Value: 375
.bongacams.com/	1970-01-20 13:52:46	Name: warning18 Value: %5B%22de_DE%22%5D
www.thelotter.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: rjmpmn0wkfuduh5mktszb4c4
.iherb.com/	1970-01-20 05:17:14	Name: ihr-ea Value: PerformanceHorizon-1101lw4CamYq
.iherb.com/	1970-01-20 05:07:11	Name: __cf_bm Value: Yw61qcgJUrnkaW4nLOH77l18vMzXsyHLuw36xBsBIzY-1660030085-0-AQuQiVjY/kbR/GPFQ7zWDijMF1kHmd9B3Eh5W0WuQOc+qtTdYaSfXfIjAHkb2U5Jx/wPS6j5EXP5O0BGo/jwtG1OjUc3hh/fKj7qG6NA5PFv
.hotels.com/	1970-01-20 14:43:10	Name: cesc Value: %7B%22aff%22%3A%5B%22AFF.HCOM-CH.DIRECT.PHG.1100l95727.1101lw4BkAca%22%2C1660030085435%5D%2C%22marketingClick%22%3A%5B%22true%22%2C1660030085435%5D%2C%22hitNumber%22%3A%5B%222%22%2C1660030085435%5D%2C%22visitNumber%22%3A%5B%221%22%2C1660030084507%5D%2C%22cidVisit%22%3A%5B%22AFF.HCOM-CH.DIRECT.PHG.1100l95727%22%2C1660030085435%5D%2C%22entryPage%22%3A%5B%22noonewillmatchthis%22%2C1660030085435%5D%2C%22rffrid%22%3A%5B%22AFF.HCOM.CH.038.000.1100L95727.KWRD%3D1101LW4BKACA%22%2C1660030085435%5D%2C%22cid%22%3A%5B%22AFF.HCOM-CH.DIRECT.PHG.1100l95727%22%2C1660030085435%5D%7D
ch.hotels.com/	1970-01-20 06:33:34	Name: akacd_pr_20 Value: 1665214085~rv=46~id=ca15c9d15f827dd3fdd4d96e198e9044
.iherb.com/	1970-01-20 13:52:46	Name: iher-pref1 Value: storeid=0&sccode=DE&lan=de-DE&scurcode=EUR
.iherb.com/	1970-01-20 05:07:13	Name: ihr-temse Value: expires=09%20Aug%202022%2008:28:05Z
.iherb.com/	1970-01-20 13:52:46	Name: ih-preference Value: store=0&country=DE&language=de-DE&currency=EUR
.aliexpress.ru/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=_5z7l1hd8z0a&acs_rt=62c3f3f334f445419ab1139345d2b44d
.aliexpress.ru/	1970-01-20 07:16:46	Name: xman_t Value: CR6OD8n3YNqzfh9AEHxq+BTrsHWAPDh22pCU7g3HNtpq/LQIp1ooSEHSA+W624pK
.aliexpress.com/	1970-01-20 14:43:10	Name: xman_us_f Value: x_l=0&acs_rt=b96d9e4b3b314ff2b5e050ca8720d09a&x_as_i=%7B%22aeuCID%22%3A%22b6b8c8bd8d4f4054a4078887274ebda4-1660030083456-07967-_AtqYLP%22%2C%22af%22%3A%22a%22%2C%22affiliateKey%22%3A%22_AtqYLP%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22197548986%22%2C%22tagtime%22%3A1660030083456%7D
.aliexpress.ru/	1970-01-20 14:43:10	Name: xman_us_f Value: x_l=0&acs_rt=b96d9e4b3b314ff2b5e050ca8720d09a
.aliexpress.ru/	1970-01-20 14:43:10	Name: xman_f Value: 6X369UXnrQ/Y+mm5EiJFTXeBZavQdnxV+F8WDwbNPtCsbJrh4eTDZ9PdmnkkcGYTqp6NQSYTWAV1e0kIRJReEFFm7aCphu2zoQRC8JKUoxpu7YCvsjya4w==

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://daily.com.ua/(Line 639) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://jsn.dt00.net/d/a/daily.com.ua.13443.js?t=1227, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://daily.com.ua/(Line 639) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://jsn.dt00.net/d/a/daily.com.ua.13443.js?t=1227, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://jsn.dt00.net/d/a/daily.com.ua.13443.js?t=1227 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://jsn.lentainform.com/d/a/daily.com.ua.6158.js?t=122797 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6436997084159592&output=html&h=120&slotname=6413952667&adk=1759604640&adf=2653041513&pi=t.ma~as.6413952667&w=1040&lmt=1660030082&rafmt=12&psa=0&format=1040x120&url=http%3A%2F%2Fdaily.com.ua%2F&wgl=1&dt=1660030081969&bpp=3&bdt=546&idt=803&shv=r20220804&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&correlator=4908926299614&frm=20&pv=2&ga_vid=652463994.1660030083&ga_sid=1660030083&ga_hid=1352763636&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C21066429%2C31068814%2C31068844%2C44764002%2C31067826&oid=2&pvsid=3110358872676964&tmod=1391362559&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&ifi=1&uci=a!1&fsb=1&xpc=b6PvlshMua&p=http%3A//daily.com.ua&dtd=817 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9725.sDa_jZsS9SzUR_c6NqiDUrxUfgERsMTvkwm7rA3zLRHneDz2PSzUPBTZYCJGvI4yyDKN0U_rKEyRq5L8B-Jhfw%2C%2C.OFMQ7RvRf8VMJWT9ZGAFo453roY%2C Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/863300823173379816/index.html?v=b208246486'. The query component, including the '?', will be ignored.
network	error	URL: https://creativemarket.com/?U=agrus Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://remitano.com/join/2716653 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://localbitcoins.com/ Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.binance.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adsexample.com
ae01.alicdn.com
ajax.googleapis.com
an.yandex.ru
app.mona.co
assets.alicdn.com
bongacams.com
bongacams10.com
c.bigmir.net
c.her-ber.top
c.hit.ua
cex.io
ch.hotels.com
changelly.com
chaturbate.com
cm.g.doubleclick.net
connect.facebook.net
counter.yadro.ru
creativemarket.com
crypto.com
daily.com.ua
de.bongacams.com
de.dhgate.com
de.hotels.com
de.iherb.com
faucetpay.io
fixidle.com
fonts.googleapis.com
fonts.gstatic.com
fourier.aliexpress.com
fourier.taobao.com
freebitco.in
g.alicdn.com
get.mona.co
goods.redtram.com
googleads.g.doubleclick.net
hlmiq.com
i.alicdn.com
i.bigmir.net
img3.redtram.com
informers.sinoptik.ua
informers.ukr.net
iqbroker.com
is.gd
jsn.dt00.net
jsn.lentainform.com
kiev-security.org.ua
kinoafisha.ua
kinsta.com
localbitcoins.com
login.aliexpress.com
login.aliexpress.ru
m.tiktok.com
mc.yandex.com
mc.yandex.ru
monaco.app.link
my28.roboforex.org
odnaknopka.ru
offer.alibaba.com
pagead2.googlesyndication.com
partner.googleadservices.com
paxful.com
platinum.crypto.com
powered-by-revidy.com
rbfxdirect.com
referral.crypto.com
remitano.com
resistcorrectly.com
rtb.redtram.com
ru.mmstat.com
s.click.aliexpress.com
sale.aliexpress.ru
scontent.xx.fbcdn.net
static.xx.fbcdn.net
stripchat.com
t.adx.opera.com
top-fwz1.mail.ru
tpc.googlesyndication.com
trafmag.com
trkbng.com
vk.com
w.uptolike.com
www.activecampaign.com
www.agoda.com
www.binance.com
www.ebay.com
www.exness.com
www.exness.uk
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.hotelscombined.com
www.iherb.com
www.instaforex.com
www.lightinthebox.com
www.miniinthebox.com
www.rentalcars.com
www.semrush.com
www.thelotter.com
www.tomtop.com
www.ua-region.com.ua
www.ua-region.info
fourier.aliexpress.com
fourier.taobao.com
jsn.dt00.net
jsn.lentainform.com
104.111.243.137
104.16.106.108
104.18.201.62
104.20.0.53
104.22.6.169
104.96.160.13
107.154.132.27
142.132.202.70
142.250.181.226
142.250.186.162
151.101.1.29
159.69.174.227
159.69.174.229
163.181.56.192
167.71.140.86
167.86.79.74
172.64.154.123
172.67.191.237
176.9.60.211
178.136.243.215
185.117.134.138
188.42.196.115
193.200.65.2
193.239.68.97
193.239.71.100
195.214.195.40
195.85.23.222
195.85.23.89
195.85.23.96
212.42.76.150
212.42.83.135
23.216.77.36
23.36.163.228
23.47.213.49
2600:9000:2057:5c00:19:9934:6a80:93a1
2606:2800:235:1c73:1f86:1376:22ce:2cd
2606:4700:10::6814:10f
2606:4700:10::6816:4d5a
2606:4700:10::ac43:16c4
2606:4700:20::681a:66c
2606:4700:20::ac43:490c
2606:4700:20::ac43:5384
2606:4700:4400::6812:2a83
2606:4700:4400::ac40:93b8
2606:4700::6811:3b3a
2606:4700::6811:ad20
2606:4700::6812:6528
2606:4700::6812:713a
2606:4700::6813:b729
2a00:1450:4001:806::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:400e:80c::200a
2a02:26f0:1700:383::277d
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
31.192.112.221
34.120.45.191
45.60.78.64
46.254.107.12
47.246.133.151
47.246.133.89
47.254.177.101
52.42.86.57
52.52.92.164
65.9.66.84
65.9.66.92
79.133.177.251
82.145.213.8
87.240.190.67
88.212.202.52
89.184.81.35
93.178.245.3
95.163.114.203
95.163.52.67
96.16.144.167
00f354f0294e5eced79aae36156db28dd453b002edfa02428339f05bac292e74
021390a4fcdb6d099dc2a4fe49953068fc0f62c8e0e249dc55660926668246bf
041381110b8956b02393648248133f4e081072c2e77dadf064c02977e6010e07
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
058f7d6bba6cf6f71ae4cc366f666c8bff18f5ce2e4ded5329e5771b45129a99
06c815ec4f02cf06081b0112dd5384e58abc70e2ce99c1cf0f0f98507eb205ef
07531f638ff8480af382b964ee68d940250303fc0651aa31ae0670e43fb434b6
07af4360c2212cdb2437994bbb1cb31c63d0811357f21593893ecf0214c21f07
0cd271e1a4ae2c2a2276470d9cb8d01671929f60aaa827ae221541c91337be5b
0ce777967d0e103cfcc1c12282103c3a7502400ad2fe769a866a2e2158956a2f
0dc1287996ca28e5ece92c48a9f04e10527cd1b4c779c2b5aa4075d4bd7131db
0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029
0f1716b6134ab0e30a7e00a679e859fde8a4474521708142dd8bbac877e9bcf8
0f7a96073a561be945cf92a66ba461ed9caa11b840fc7215f0a24289906e2359
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13b3147922d7787809af5fedc534c1c3d9d6ec13f74a81d04d2a2d01ed5cc203
14a28580c1ce910d6804d0d600c4a218a52a14f06b42afb17242e691788fb9b9
14a58481f4ae2bcd2887b9ed07d06601d92c9d8e133c9c225ebfc2f576820fee
157485050b623cb92498aa75c6103b9575b4299376db4d7a0797e9abf9fca4ce
1690966ba3257ed11a0f99ee61e232f0c917fa1e76f8b2df87d3ab970839789c
1743ae9a6ae65201af2da1aaee0367d7f3af87683d79c81c09454a7c3b4fcf68
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad
1b180241b262c5bd3dc07342b4bff2d11660801a558354699513cbc52cb79280
1dbb3a3f374b82ddcb5992cf3311b3bf28b710a9b9cbd6b6601822ad3e916d21
1eb089c1d88e2a94b8be5d8f49131c374e98177ea20396f15a6c7d473cdccb74
1f574e28dff7e9ccbc2748e78a5ce36fea90351c6b9338015ef945f495d42ad8
1fed6bf4c0d6db750a87e279e41330b94a6a9b35e5ae260ead6c742aed8c1dc8
20fef418b12ae5524034cd9b3b223a9aa62367ca705c9316825a1d01268edacd
2238f31e4b749d4f58eadfd97c8537152f05702124785f4d14ddd6808bcb3cea
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
24f951604079e04853fa2530c81c65bd3527ee9b8bb3a47f353b83d110d0fc3b
254a45df83e69bc0add776bf0b10e14240b78fab11f0dd17f0ae903aff269261
261953db27cc0855b121008b1c606de50a2f3f5aecc60873ebb9751b66fd9203
26b472f9a906e7bc5fc8060cfbfa386e777acaf92c8659150c15473de21930a6
2788ec232926dbc62b87f01689a3a7279412f6857db3fe1bfba7c2d8b78c92fa
27ef13ff7c304e4859d40e9f35c30bb5b93e92f3d0cd49df881ac01505c07702
282682be187a669c21df6c2f96e9a8d1e55c66ee8cb7dbe7991730f1ea7a93b6
29cae7cd39e3675acd183aea7e129ff6264585f2b900821552a1152c7c5aef6c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d497ee2ad8ed5061744e373dc5e92ec902296a931f9c61a5ff9edb15751c60a
2d9d14fb472222d49d6226fc13d88f55f2314e2384703c4db61532fc633632fc
2e29c0fdfa9bf8250b9cd749f5787c2e86d18ab29638e36ac5003c9cafff2598
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f80b4b257ea8a3de1836269a563616fab5dae272eafdd932335a0689631e625
30eb1cb41cbc9145b5c0b8f7307e4aa3fee46b58886da757a01489c2a3c7ac27
30fe55c99d945bda75a34839569c931b0f34accd8fd8b13f885f3f30b4b8c2f0
3218b4cfd404cf1cc4b0c87b6d28ac1bb223bbf11df30c773f409563f202446b
33ae362801df6760d197feb6424b31cd4a3c0f04cb5c390e3f5fb9cec197b765
35d8f68fcdf99c4e9d6916d4266b632614c2f4276e7a99b31bc06022bdd96d59
37d0460b28e66d600e5ac7dfbb6a7c7a1cfc003c705e268967e865dc3ff5ecce
3d8fac607bd3717c45906d47fcab3a063e2efb74c85556d99ddcf369bf06e89b
3f26ea17747761cb85d65671c2bf5ab7a48909935bed5deb7be179e6ed294f8d
3f660930fae4b2fb29a4f44e1442943d342c58ef693250c688dd36ba77313a0d
4004dc11edac5c0be9d7723d6df788ad9670d3c1243a71f8f3e8ed64649462b0
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
4340dac0f2496539b1778d691533bac2834d0f106e7bc9cff661de5bf63340b9
449b8e5516b0da3febe420018a20dcab2ffb47c22c3fc50403ead61b0edd2ba0
4513bacbfbcfa137ecf5e037c9bfae92988f124f5969e176ed5533b80d5c1901
46e212dd74790b6fa72de475f364705736a8d11a7b2c5853629e702538584dee
4bf18e80e696554641362da89ff7b36f1195c6de694badcc880a9de620190ff6
4cbc50b868354039b7452633b5b5aaa7d0c25d72b0251b797bee708fc59e0299
4d41a837d150bdb5f824fccffbfd1003a500ccb2edf41c8871017a814b3ff635
4ecce58291cb048716d0ab302cac01ab9251db407337891f9a77915e6618a419
5109cc123e47efd6097f4cd8c4ca7cb19f0ae867958d764b9856e759d42d2d84
51d88aa3c65e811a98d2584948ef45cc7b9f46299cb060fd2b5a6562a320b76e
52876b796b6d4f7a3be2fb9dda0d44b233d601391e288aef8f65ae9f76291ae3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55c2536030cf89dc3d5e4333d87fe27a7ec95821b0061d54d4a775f371632c2d
56d989eabce7e1f6ba7b90ccae9a241398f2f92e80315d15a48f9c12ac0f36fa
58007a83ceff931b10ce181c2ce50fbfa3f6d5a036aa6ad5e78e646577657fe6
58299fed1523c6b92ea3732cdd036b781eaee5b60941f6b4e9b8a014b56341b5
58b4190d6003b87e433cf7f59d6443ffdc502abea85c5d5e59901f7a99976574
593fa553d116f4269a8fc8b7fc11dc49efdb71da04c896b6e5872841c5ffa2d1
5af054811a129346d93b9ad04957c889d58d04dbd681733b01eb03dd512eaf74
5c14abff0794b529b27ff0252535fc223fb8648e4e1cc4425696cef249114e3b
5c96fe319340305eec153f3bb6acaccbf5d35246cc0758a86c6183779a8b216a
5d598681808cf91bcc9d8840c0a1b279e7aac138052f2978c8d2f0979e5a662f
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f301a0155c1a774aa8241d2f5ed9095fc6f16fa8858fcbf54fb3d7533e846b8
5f8a60a18e784c16174ab8616abd0a28fde829f0abb2362f9a917210b25033c5
6017a867d1c47b7064588060b155143650368c366daa7d9a07b9b3d99045e019
61e680e2998af4d729af03985dd260c4e6ecdd37c8337ee508a890297eb3c897
6365b2973ebde8d5823cbf8801a7960fea48cc84ad8ea8fb8b6facac48c23cbe
63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac
63c4a496badd93860084103fdf0c769d664502ef32b4dc15e44431ea7f42b33e
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64e13268c72f6eb6d191745ca09f996a3eca995f0e8838d74607dffcd560c472
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
66fea73d9e7d51cb3cee97b19bb3e8d2e874e966768650223816ace7a346683e
68b40198aca8904893750c8620433c1b445a06124274ac735a52ee70733be411
69c02f544b87a917384825923fc6a04d560452dc5ed97d2b05b4db60fbcef171
6db3e554fc43e45c99b41ad5cf8d1064ce6576490cabbd63613cbe4f5d189886
6f8494aaeeffc0719ae636051d4ccc26757a70e62cb19ff857f9889aa18859ac
71adfc57b0887dda53c979885bb3225d5dd303b578e8f19864773a50ae97e0f0
72c0a71edbb9542e13bd1b95045d742d7acee3ce8f78aa51399f61cee7e492fb
730a4795b8fd9431f7afb86d53b1cb9745c0f83ebef261f0014e956d2a3f705c
750d4cf2f1d365e3c29ef6ae1e83d696ee230ff685eb7c7068d98fbc2c437454
75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f
79d7fe2f02f73e59b3ddd141a186e815624fb6a844196c57081268c2d0758266
7bee515bff0734210ffb87d918567425b0e4b43356993e9ae2bba8fb1a5d3504
7c3f57578998b0b2eb65a73debe0a9aa882f094f40827a7ebbef211ef475d665
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7cb9204207ba0ad8f119e038e0deae65f53308a39acd2edb32bed535ee1c5d50
7d4347d089ea6666874d39adc4872bba71aced349ed7388a397fbbe7ec13efda
7ecaefadad41efb3fb2dcc127d919af777b4f1de15254b69d8b1c89a52744b7f
80f32f98f0beec8ae0309ceb39e085d98484574d51b258ce320ba66f2e15b053
812b13056e0a955622e120865d2231dc2933ca37bb8aac942279cc41ec1d1d27
813742ece69b96caabce154a4e3368c9e7c4b963cfb30c72f38206d712a83693
82fe218fa264e98b0bb927b41f2dcb8e00c6ae070f985c669726b6d82ab78fde
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
85348107a152bcd5a365d8aa174525af9a6ae0e0ae9f9ba1cf44735091b2e073
854f681d1dacdae0195d5f1ccf3f98028d727a02aaf2bb3cbffd98adb64ac116
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89b2fa54d172e6f9072718db5b1489d910b4546ff1c957f1b797c878e18e4ba3
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8a89d72ee8673193d61e094aa76946c42f9293329cf85d68f0bb0c529daf89df
8a978233505986e37cf952a7656e6c31f4a8d13902d76c68f28de30bf9f1d57c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bbb090a09bfd6773717e406613a3d42c1afa7c48bdd206317946c1db28394f6
902fba2e0a2c8faf5bf5cdb22a043e1fe2f30d1accf6c122006e932d82115b13
90ec3c93846a1a334c31b864830f0e6c9f7837c019afffd27a8154a3f795131f
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
91454b54d0145d637e3cf4decf201a4765f473eaea4d7d3f117b7bcf97f0b1f5
929b49c0b8c2d2ab8fec72e7a14bda90440b53edef9b5d5e688554bfa468eb27
95c642b43f943182295616552612020c91cd53e4f27b71cddf0f3e2109fcc3ce
969132c633b6de8dcd88036f6976869b266b8eecda59a77a90369c1e89b31d56
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9c0b3b18405d6ab0b398caddb6cdd4108c500859cf929358a98ed9bd6d0cb32a
9ecb1610fb43a65c9be00281371e2c61a547120d4b00c84779e1b62b1ad23e4c
9f1324e925fa03e159f25c348e2ed38364a6b8ff802375ccd0137cf6e213cf64
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a053bb70f457b83cbccb03f90c44f62b0e60c707f53d85f1b2123743dc935223
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a38a07bfb7205ca9d5208ce1b87b2e940e2729380acb97453ca398e6e27f7dfa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a514c9f738d1417b0068fa3a0ead68825068ee298ac1bbd107d73db032198f49
a566bbc568419b22497a08156af53e48e148fe50fea0b6ec666ceaf0c0fb12fc
a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd
a895055a2eec72b5eb8f7826723a62966bb210c2154ae8f02da45bc482da8d64
a95355f826e9f8cdbce7ec47d9bf30deab8447080afb113be0c96a416f88449c
ab4e993036f9dc7322742a0522ebca7b89d7109c8f5a7c8e820e9550bba1cb89
ae1595516b9c471e6402ae57efa0636fe73def3ee876c4b74d214967847765c1
af3cd664e57921690e5bd8b343724391726ba74be3270347ec3e7eab3a88f469
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
b22d9bcc5dff4c30b8b0426a19a7b2aa38c7361a549632bf2df804fce74746f0
b30ce4d226c5dec6d653041a183614a301dcaa266ca57f4c8c57914de2fa3256
b30e419be860244a5c3a8ed2ae7134a11441eb4a6868a668e44cee8e6c685723
b6509c645bf1a0b7b7af0c9a27ee14cff82f2f13191eb0510f4d48df0b784271
b8a82f0c06c481c135c6bf1c40b24227dab03e80ffe9931513b02b59e964907f
b99c69a0f959d9db50091bc5215df865febdaaa4bafb502df3251d9b6436d340
bd375adfdf14a6b4f438327f7c0a701381f42cb0f183d3670f12db19d6cfc039
be0344d75b745d68b487f4e0f5024ee147dd866fabc75df27ec7e3680f1c1508
c51346d18fdea07e61f5b2a50fe8defe87e90804b19b4fb477743e9d8bab4e80
c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91
caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197
cd3a745dc42a3e3c6217f75ac99d3a0b69be5d6648145a93bd90315f8731199b
cd7a44259f2ada9275d5d33217bc34992508aad1f8ef9669ecc3f831d350306c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffd1a2fecadc14e0be345403a81b7da7757898f05a7c5cd0cbd6e7df3f90788
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09
d251a5601e7ca58168893e3a989ca6ea35c8fec176ae62671d506ff6dfbde2aa
d840ef1927c7aad49210faefc97f7005e3862dd4853cded03388216c009f01a2
da264a8e4a35789c7ff003bbcebd894f497b9001e07dcf94625e5382fecf6b60
daf992d71e7ba34ed2a6f86d8bb9e32fc63d60108e5966ec6e3067f83bc6e4ea
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e1b041f5710b8d2adc88aa7ee849409cfac64f18cab33a2c4b83de35844a016d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6050d14a99c036f2404720c95e0e19dd43f9eb99f0d538502bd912b0ecb5869
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
eb2d83f60e9e9bfbaa239ad10ff98f7021b1544413954e90cc946d3fb6b73330
ecb4595e3f2e5c25bd43414ceb3f08779fb0efc0b111d6aed2b669c854c4d961
ee1b4edc04e36bd940cb5e1ff312ef440e3e63a64a1a465ed4fb4c56a8199866
ee3c2a496930cacf4542658784cd49d676c1849de285d859e086f78e26c9fe73
ee4c4a06616979aaa2cfeffba5c8e5fad7cbdbc5850e89d41c9dbbb3e1717fb3
ee84da6ec83f4a07234f64ada0ca44de76f3099729a7abbdae683e5fd876a821
eef89d3626c0833910fb6a09deec3419023d739123dc619bd405289f6cafd49c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f007b99d03a1f2e76cca898da007e4af656b38619a8b86db9d474abb9cd1c1db
f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc
f1b59c28f0f6de9a87843817d437902358e4fed00a47c090cd263a357197336d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022
facf9ad75a3cc460153dc47465a9ecc29430fd28d56d73346ab49d3a83fd755d
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
ffba890ffcd30127c0df11d757c8c650269d8e6588e2a910f3aad48dfcc55bdb

daily.com.ua Open in urlscan Pro 167.86.79.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

261 Requests

65 %HTTPS

37 %IPv6

86 Domains

108 Subdomains

73 IPs

11 Countries

7311 kBTransfer

11334 kBSize

160 Cookies

16 Outgoing links

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

daily.com.ua Open in urlscan Pro
167.86.79.74 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

65 %
HTTPS

37 %
IPv6

86
Domains

108
Subdomains

73
IPs

11
Countries

7311 kB
Transfer

11334 kB
Size

160
Cookies

261 HTTP transactions
3 data transactions