urlscan.io logo urlscan.io
SecurityTrails logo

ni.biz.ua Open in urlscan Pro
91.234.33.240  Public Scan

Go To Rescan Add Verdict Report
URL: http://ni.biz.ua/
Submission: On June 09 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 10 domains to perform 75 HTTP transactions. The main IP is 91.234.33.240, located in Kyiv, Ukraine and belongs to THEHOST-AS, UA. The main domain is ni.biz.ua.
This is the only time ni.biz.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    91.234.33.240 (Kyiv, Ukraine)

ASN56485 (THEHOST-AS, UA)
PTR: s7.thehost.com.ua
ni.biz.ua
15    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.co.uk
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
8    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
18    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2607:f8b0:4003:c04::5e (Tulsa, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    142.251.5.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f154.1e100.net
bid.g.doubleclick.net
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4009:1::8 (London, United Kingdom)

ASN15169 (GOOGLE, US)
r2---sn-aigzrner.c.2mdn.net
Apex Domain
Subdomains		 Transfer
32 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
458 KB
16 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
static.doubleclick.net — Cisco Umbrella Rank: 370
bid.g.doubleclick.net — Cisco Umbrella Rank: 440
1 MB
13 google.com
cse.google.com — Cisco Umbrella Rank: 2743
www.google.com — Cisco Umbrella Rank: 4
clients1.google.com — Cisco Umbrella Rank: 553
adservice.google.com — Cisco Umbrella Rank: 79
171 KB
5 googleapis.com
www.googleapis.com — Cisco Umbrella Rank: 42
fonts.googleapis.com — Cisco Umbrella Rank: 52
imasdk.googleapis.com — Cisco Umbrella Rank: 406
126 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 870
r2---sn-aigzrner.c.2mdn.net — Cisco Umbrella Rank: 547424
359 KB
2 gstatic.com
csi.gstatic.com
344 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
86 KB
2 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4921
914 B
2 biz.ua
ni.biz.ua
4 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 793
644 B
75 10
Domain Requested by
18 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
14 pagead2.googlesyndication.com ni.biz.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
ni.biz.ua
8 www.google.com 2 redirects cse.google.com
www.google.com
ni.biz.ua
tpc.googlesyndication.com
4 static.doubleclick.net googleads.g.doubleclick.net
2 r2---sn-aigzrner.c.2mdn.net
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.uk pagead2.googlesyndication.com
2 cse.google.com ni.biz.ua
www.google.com
2 ni.biz.ua ni.biz.ua
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 clients1.google.com ni.biz.ua
1 www.googleapis.com ni.biz.ua
75 19

This site contains no links.

Subject Issuer Validity Valid
*.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-05-31 -
2022-08-09		 2 months crt.sh

This page contains 14 frames:

Primary Page: http://ni.biz.ua/
Frame ID: 390CDAE26A6490F48954F9B465056455
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20190131/zrt_lookup.html
Frame ID: EB3B9D41BA4AF6635C64414C242F4D0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&adk=1812271804&adf=3025194257&lmt=1643799769&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fni.biz.ua%2F&ea=0&pra=5&wgl=1&dt=1654775637304&bpp=2&bdt=226&idt=273&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2222071272958&frm=20&pv=2&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=290
Frame ID: 82D5037908BBC955105832527E30DBC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Frame ID: 0AD771BA22388F20CD57F702E8D5DB63
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3EDE1BE22E04904E6F00660A3666BF82
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Frame ID: D791EB1AA14DAA76AFBDEBD86DA02AFE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6CD7AA159C61388EFAFBB0573FC69BE3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1C27197EA431F9BFC5FF26F90E08CDC4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220607/r20110914/abg_lite_fy2019.js
Frame ID: AC38C3B654EE740117AFA65F04C4C691
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js
Frame ID: 90A71F61929929C6BFAA99A7DB3EECD2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js
Frame ID: 812F7BD4402600DD993491BA8214F7F3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 83731E94A9CA1DA7953F638AED14B041
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0E25143E390FA405B7B9B71A39E64885
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 428FB25233EBD462610FAA64C4403F2C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ni.biz.ua - сайт навчальної інформації для українських студентів: реферати та підручники, книги та шпаргалки в онлайн режимішукати

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

75
Requests

92 %
HTTPS

83 %
IPv6

10
Domains

19
Subdomains

18
IPs

4
Countries

2314 kB
Transfer

4053 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 47
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 61
  • https://gcdn.2mdn.net/videoplayback/id/b91e09dadb60c2b5/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686311638/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/64EAD48DB1EBEA7019F9839D2DC34FAC9186CF7F.1A5BCFC3C1835E69F9FF20B78E9D1A2A25706A29/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-aigzrner.c.2mdn.net/videoplayback/id/b91e09dadb60c2b5/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686311638/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23EB210BC07F58EFA528F709A7936261B7978B57.3135311864FE2141016E136784057C4FE0B5A69A/key/cms1/cms_redirect/yes/mh/R2/mip/2001:ac8:21:e::11/mm/42/mn/sn-aigzrner/ms/onc/mt/1654775338/mv/m/mvi/2/pl/48/file/file.mp4

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ni.biz.ua/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ni.biz.ua/
Protocol
HTTP/1.1
Server
91.234.33.240 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS
s7.thehost.com.ua
Software
nginx /
Resource Hash
10abe2920577f10efe0b2b493437e0f6f2c040e75ad62bc8896d90750e9f41d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3005
Content-Type
text/html
Date
Thu, 09 Jun 2022 11:53:57 GMT
ETag
"1d46230-24e7-5d706f55c8064"
Last-Modified
Wed, 02 Feb 2022 11:02:49 GMT
Server
nginx
Vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ni.biz.ua
URL: http://ni.biz.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
464e78d988e33ba65456ac1f131252f4de867569177981cdebc0a989807af854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Thu, 09 Jun 2022 11:53:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
13525250846281957373
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
56266
X-XSS-Protection
0
Expires
Thu, 09 Jun 2022 11:53:57 GMT
style.css
ni.biz.ua/ 		383 B
613 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ni.biz.ua/style.css
Requested by
Host: ni.biz.ua
URL: http://ni.biz.ua/
Protocol
HTTP/1.1
Server
91.234.33.240 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS
s7.thehost.com.ua
Software
nginx /
Resource Hash
fdedcb1a826b38f55c11dac1ece51026c812d4a58bc05b97342549917c5f2429

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 11:53:57 GMT
Last-Modified
Fri, 12 Feb 2021 16:56:58 GMT
Server
nginx
ETag
"6026b35a-17f"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
383
cse.js
cse.google.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=0bb03dfcc2e9c45b4
Requested by
Host: ni.biz.ua
URL: http://ni.biz.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
f17fc5d86f346fa31d9173643f7151749cf6612525e84cdb40559ab2ba4ebc52
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Thu, 09 Jun 2022 11:53:57 GMT
content-encoding
br
accept-ch
Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3489
x-xss-protection
0
server
gws
expires
Thu, 09 Jun 2022 11:53:57 GMT
cse_element__uk.js
www.google.com/cse/static/element/3e1664f444e6eb06/ 		306 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__uk.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=0bb03dfcc2e9c45b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3921d22e340021189f986befdb097d34a4d1142b3c0a2565ef53f5d0971c1748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 19:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103146
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 17:07:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 02 Jun 2023 19:43:30 GMT
default+uk.css
www.google.com/cse/static/element/3e1664f444e6eb06/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/3e1664f444e6eb06/default+uk.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=0bb03dfcc2e9c45b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 15:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 17:07:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 05 Jun 2023 15:17:30 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=0bb03dfcc2e9c45b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:53:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 09 Jun 2022 12:43:52 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/ 		339 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc8881ca9afb7fd3713d48b6959658f4d6ea90b049563a0b25152a3e67135f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122348
x-xss-protection
0
server
cafe
etag
18156478605064378597
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 09 Jun 2022 11:53:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220607/r20190131/ Frame EB3B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220607/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ni.biz.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
54703
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4416
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 20:42:14 GMT
etag
14734731752043123527
expires
Wed, 22 Jun 2022 20:42:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async-ads.js
cse.google.com/adsense/search/ 		139 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__uk.js?usqp=CAI%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83c15ddd94af921d855c153e98f5b29d9951bdba6f52d703f7662514f7c62725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 11:53:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-afs-ui"
ETag
"17372565205018195239"
Vary
Accept-Encoding
Report-To
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
Expires
Thu, 09 Jun 2022 11:53:57 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/default+uk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/cse/static/element/3e1664f444e6eb06/default+uk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:04:14 GMT
x-content-type-options
nosniff
age
154183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 07 Jun 2023 17:04:14 GMT
branding.png
www.google.com/cse/static/images/1x/uk/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/uk/branding.png
Requested by
Host: ni.biz.ua
URL: http://ni.biz.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 08:45:46 GMT
x-content-type-options
nosniff
age
184091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1500
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 07 Jun 2023 08:45:46 GMT
generate_204
www.googleapis.com/ 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: ni.biz.ua
URL: http://ni.biz.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:53:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
clients1.google.com/ 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://clients1.google.com/generate_204
Requested by
Host: ni.biz.ua
URL: http://ni.biz.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 11:53:57 GMT
Content-Length
0
cookie.js
partner.googleadservices.com/gampad/ 		213 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ni.biz.ua&callback=_gfp_s_&client=ca-pub-9016879489064789
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
526174ff36afeb450b46a1eda5c625cec3aeeae100161a1f2aa8392df85c9d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=ni.biz.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 09 Jun 2022 11:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ni.biz.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 09 Jun 2022 11:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 82D5 		201 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&adk=1812271804&adf=3025194257&lmt=1643799769&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fni.biz.ua%2F&ea=0&pra=5&wgl=1&dt=1654775637304&bpp=2&bdt=226&idt=273&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2222071272958&frm=20&pv=2&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=290
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff1ac13f78501eef5add26bfd069229a58048415a92903c869ee4d2dabc665a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ni.biz.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
54734
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Jun 2022 11:53:58 GMT
expires
Thu, 09 Jun 2022 11:53:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0AD7 		102 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ef62a38f3a141b536ddcbad80f0395a05cc3bf498de48894fac756cd948a282
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM3LxdCnoPgCFWYSigMdstICWw&gqi=Vd-hYq7wJqPWxgO-04KwDA&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ni.biz.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33622
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM3LxdCnoPgCFWYSigMdstICWw&gqi=Vd-hYq7wJqPWxgO-04KwDA&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Jun 2022 11:53:58 GMT
expires
Thu, 09 Jun 2022 11:53:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/ 		147 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed24612052f9aa80f27aad4476e6d77f041fb29bf30b4b06b361b9384508e6b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:53:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53521
x-xss-protection
0
server
cafe
etag
4736103935571754724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Jun 2022 11:53:58 GMT
ssrh.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0AD7 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30063
x-xss-protection
0
server
cafe
etag
16132151104434394549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 09 Jun 2022 18:01:11 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220607/r20110914/ Frame 0AD7 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220607/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8701
x-xss-protection
0
server
cafe
etag
7038200677561849530
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:51:56 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/ Frame 0AD7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:43:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0AD7 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:53:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43429
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654688687962514"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Jun 2022 11:53:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/ Frame 0AD7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:46:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:46:23 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=ni.biz.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 09 Jun 2022 11:53:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ni.biz.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 09 Jun 2022 11:53:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/ Frame 3EDE 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ni.biz.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
60116
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4416
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 19:12:02 GMT
etag
14734731752043123527
expires
Wed, 22 Jun 2022 19:12:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/ Frame D791 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ni.biz.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
60116
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4416
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 19:12:02 GMT
etag
14734731752043123527
expires
Wed, 22 Jun 2022 19:12:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
16169565491411952989_4367454166607388184.jpeg
static.doubleclick.net/dynamic/5/206838720/ Frame 0AD7 		227 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/206838720/16169565491411952989_4367454166607388184.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
696701ff246197eec19b99092471f6d12ae19607fac0d48cc9996d93a4833271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 19:50:02 GMT
x-content-type-options
nosniff
age
57836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232059
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 14:42:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 19:50:02 GMT
10551195974009324837_13331753041740865055.jpeg
static.doubleclick.net/dynamic/5/206838720/ Frame 0AD7 		258 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/206838720/10551195974009324837_13331753041740865055.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d85e0b83efe834b6f45c0769e11e91d95a388136ad405d8aee07197e6ff7a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 21:05:27 GMT
x-content-type-options
nosniff
age
53311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
264205
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 14:42:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 21:05:27 GMT
14952885165655889040_18213550066902727067.jpeg
static.doubleclick.net/dynamic/5/206838720/ Frame 0AD7 		270 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/206838720/14952885165655889040_18213550066902727067.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de75f74c16ee260673a91f8253b007a4d454690220b5ed46379dd071518ea753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 20:52:42 GMT
x-content-type-options
nosniff
age
54076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
276542
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 13:33:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 20:52:42 GMT
12234371772640210138_12353137186703928873.jpeg
static.doubleclick.net/dynamic/5/206838720/ Frame 0AD7 		237 KB
237 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/206838720/12234371772640210138_12353137186703928873.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7529f444584dca11f6461c147e677a11cb142a9ce1bb644b11ba4b561d72987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 20:19:04 GMT
x-content-type-options
nosniff
age
56094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
242850
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 14:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 20:19:04 GMT
10091498889470987024
tpc.googlesyndication.com/simgad/ Frame 0AD7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10091498889470987024
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 07:53:37 GMT
x-content-type-options
nosniff
age
187221
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8502
x-xss-protection
0
last-modified
Wed, 20 Mar 2019 13:48:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 07 Jun 2023 07:53:37 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0AD7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cpgk7Vd-hYo3NKuakqMwPsqWL2AX3ue2EaoWS25ubDJaCzYWIFhABIKK3jShgu4aAgNAKoAGwuqHXA8gBCakCqRVvNqT7sT6oAwHIA8sEqgTTAU_QdXmFCin6N7XxswH5I45beses2omHl66DGY087Hkw1VPEtat9u7FV-sNx8ESBL0jo97C4b3-Nzunv094FjEP42YnrThnXiDqS-fWVqyoWHl_bxz-pk7gyNGBkbgh_EuYRob7yDR0AsolGiiA7e-sUJgrIKgDiPP6J6yzAjmqZmIpgtTVVVQ7TuVq5-20qQFUsP9Z3X9_ofw0KhnoH-zngPipnLRIxbkaKZL6xI48KqRPyCyGUfRFOSPXkGDOfrCSnsBjoAOtARwPnrCnjv2ZXm0rABO7Oj9eaA5IFBAgEGAGSBQQIBRgEoAYugAfn4dBiqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJuWD9IICQiA4YAQEAEYH4AKAcgLAdgTDIgUA9AVAYAXAbIXHAoaCAASFHB1Yi05MDE2ODc5NDg5MDY0Nzg5GAA&sigh=vHO1ItNy0jg&uach_m=[UACH]&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 09 Jun 2022 11:53:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 09 Jun 2022 11:53:58 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6CD7 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1658
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 09 Jun 2022 11:26:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0AD7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42a1e7ba9244e0944857902f3e4e4460edb4a29c2e0d27c1da5f19addae17af4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
css2
fonts.googleapis.com/ Frame 3EDE 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 10:20:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 09 Jun 2022 11:53:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Jun 2022 11:53:58 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220607/r20110914/elements/html/ Frame 3EDE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220607/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1f1fd543e14c5e19e810309bcbfd30a35c551d3b6bb0acc4cf642d00c1fdb16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:44:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8291
x-xss-protection
0
server
cafe
etag
13896182058400554804
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:44:31 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D791 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTGuRVd-hYvfCJ7LOxgOE7pQwubWujWqq7_bKmhDP5qK9wAEQASCit40oYLuGgIDQCqABldiY2QPIAQOpAkfIlyN1ArU-qAMByAPJBKoE1gFP0MD9LI4Rmyb4an2-dCsTM5WxP5GMzCJ9YheXQ1vypxy6ahAF9dNdWmgiS06QDGcnNGTMUCGINl5lNN6Y38ZaRlYK8wbx6s7xNkMsgwrAYillIbVC2dxZgldEXNPGkUUh6bJmKLQ1Gi42HVFlrw-kfbpvpi8_Njpj9v-bWNyVOsT8LbSWuJXOu4oEh2BzOP1Ngc4b1dqp0IExXAEOhuoWBIk52FXlbgfEmmHu897SgdI1Wte-uLASeoHLqvOKoIWsmDBJzPWcgEfStZpcadBNi2XTC_BqwATsro6AnQSSBQQIBBgBkgUECAUYBKAGA4AH06fnJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFENmgzQHSCAkIgOGAEBABGB-ACgHICwHYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItOTAxNjg3OTQ4OTA2NDc4ORgA&sigh=zSyw4gqUcwg&uach_m=[UACH]
Requested by
Host: ni.biz.ua
URL: http://ni.biz.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 09 Jun 2022 11:53:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 09 Jun 2022 11:53:58 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220607/r20110914/ Frame D791 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220607/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8701
x-xss-protection
0
server
cafe
etag
7038200677561849530
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:51:56 GMT
15362282282798730764
tpc.googlesyndication.com/simgad/ Frame D791 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15362282282798730764
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc6a53a5753c2e1f69b0db4aa9d4b9a0ac0ae320e2508e9ca3d1f543086ab476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 12:28:30 GMT
x-content-type-options
nosniff
age
257128
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21703
x-xss-protection
0
last-modified
Fri, 13 May 2022 12:27:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 06 Jun 2023 12:28:30 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/ Frame D791 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:43:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D791 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:53:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43429
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654688687962514"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Jun 2022 11:53:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/ Frame D791 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:47:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:47:44 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/ Frame D791 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b5f7a8738cea026482ec8051f74700313fcc9be6b210be1a45dd86bfc3d93d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 10:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13073
x-xss-protection
0
server
cafe
etag
17118480071107141432
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 10:00:23 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6CD7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 09 Jun 2022 11:53:58 GMT
expires
Thu, 09 Jun 2022 11:53:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 09 Jun 2022 11:53:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1C27 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1658
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 09 Jun 2022 11:26:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1C27
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 09 Jun 2022 11:53:58 GMT
expires
Thu, 09 Jun 2022 11:53:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 09 Jun 2022 11:53:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220607/r20110914/ Frame AC38 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220607/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8701
x-xss-protection
0
server
cafe
etag
7038200677561849530
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:51:56 GMT
css
fonts.googleapis.com/ Frame AC38 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 11:43:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 09 Jun 2022 11:53:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Jun 2022 11:53:58 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame AC38 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 13:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81019
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 25 May 2022 10:47:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 13:23:39 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame AC38 		351 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 13:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81019
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123888
x-xss-protection
0
last-modified
Wed, 25 May 2022 10:47:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 13:23:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/ Frame AC38 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:47:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:47:44 GMT
truncated
/ Frame D791 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
364f62dbdb705912732fbfadc50596aa4d07288ccb22fc2e96e4fa7f3adaaf86

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js
pagead2.googlesyndication.com/bg/ Frame 90A7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9016879489064789&output=html&h=200&slotname=5743228886&adk=3894183216&adf=869763061&pi=t.ma~as.5743228886&w=1200&fwrn=4&lmt=1643799769&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fni.biz.ua%2F&wgl=1&dt=1654775637306&bpp=1&bdt=228&idt=291&shv=r20220607&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2222071272958&frm=20&pv=1&ga_vid=1448076436.1654775638&ga_sid=1654775638&ga_hid=808830621&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067527&oid=2&pvsid=4295468283009944&pem=970&tmod=1358485056&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=XCcSIvV6f0&p=http%3A//ni.biz.ua&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 08:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
13169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Jun 2023 08:14:29 GMT
csi
csi.gstatic.com/ Frame AC38 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=1~l46youn7&c=7997804207404&slotId=3998902103702&qqid=CLbBwtCnoPgCFTKncQodBDcFBg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C324123032%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c04::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 11:53:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC38 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CzKRiVd-hYvbCJ7LOxgOE7pQwjZDGmmr0rt3V1g_wLhABIKK3jShgu4aAgNAKyAEFqQJHyJcjdQK1PqgDAcgDmwSqBPkBT9B8eHNJUX1Ujl25vEf0asWKbHkb_e4-SsDD0I8uy_VIBsxP9VdNFL8fdNr5h11-AOXiZLTEEH0xXf-v8WyU2WM1YFjR_KCD6KAdyH1i-YtmVaiIF-mXzDS_HqasQNGttNXxwY6GBmmqTimaz3jJoCO-2NQ5O7dBcfuK4mNYEqivvLNFDK_uuJoy9YZDW1mTIXS7iN7nA6l0YfIdwy3Rs7C4zciifoR5SgGl__3VECs1KfS_dMbl9CrLvrTlo-mrjvGP8ve0jUGR4anWmPQ-jxL-LB-VopJBRlrWe2BQNpcn_N_exLesVNI4P5w7UVNpOoLwbU1aOz_QwASAqvamlwTgBAOQBgGgBnaAB6HrxqQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoByAsB4AsBgAwBsBO_yawP0BMA2BMDiBS7FtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1654775638824&ai=CzKRiVd-hYvbCJ7LOxgOE7pQwjZDGmmr0rt3V1g_wLhABIKK3jShgu4aAgNAKyAEFqQJHyJcjdQK1PqgDAcgDmwSqBPkBT9B8eHNJUX1Ujl25vEf0asWKbHkb_e4-SsDD0I8uy_VIBsxP9VdNFL8fdNr5h11-AOXiZLTEEH0xXf-v8WyU2WM1YFjR_KCD6KAdyH1i-YtmVaiIF-mXzDS_HqasQNGttNXxwY6GBmmqTimaz3jJoCO-2NQ5O7dBcfuK4mNYEqivvLNFDK_uuJoy9YZDW1mTIXS7iN7nA6l0YfIdwy3Rs7C4zciifoR5SgGl__3VECs1KfS_dMbl9CrLvrTlo-mrjvGP8ve0jUGR4anWmPQ-jxL-LB-VopJBRlrWe2BQNpcn_N_exLesVNI4P5w7UVNpOoLwbU1aOz_QwASAqvamlwTgBAOQBgGgBnaAB6HrxqQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoByAsB4AsBgAwBsBO_yawP0BMA2BMDiBS7FtgUAdAVAfgWAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 11:53:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame AC38 		24 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DGJ2pOYvtOXO5_LjM66p-0oKAhydIz-X3sJA_VErzfH5LNNHP-Vehre5lSvkqit1vlNGKAx3l8DFb4DAk4cDso1Go6ww&cry=1&dbm_d=AKAmf-AiH2-T0n6bayYmlx09Iw2KiBInllsYSb8NdHBnf7F0YuvZO1XsOV9XXIbcsP3KUINmyUXbpbiLDQ1RuwQYgoHp1cOuV7Vi58_3dFHjvDwwMo2RWZE1XWvhv4EMzGiYmkWANYuMm-RHVP4-mWqTfEEihHvAmaTozfmtxgAO54boHRYJrYuwDTJxC5AkYfUVB8rgv2KCZeBbipMnWD63heGCx5AjDZbT_50hJjBBYAqBIYakARjuakhAiZ88pFwKRR7gn5fKvWG5-4D88AhLkZrR3jWBShbXGht9uSX15HQmAyxsXS2UDmPkFyOFjwXpaK9AaWpXkxSEWiSt88ZF4C5NCZLr8nUwbHLND1JJiN7Y_c4Pf_FEDJG3uKmJ_c8hKJnpbC-BLy8lhUmSbr5-Bc2T5eaMWlYY2uFKB2uLuMG608nekgq7oq9hU337awUjz094Kt3HjOhtieeMxggDVYWmHX0Vkj4vjW_4ULIZfzO6OMqW1Zk00NGHRLkU99CM9lNjYOKZwMotJcAVIfYy6Y_9Tzen1k9A0cRoumg1kRy4sybFopFu2u99tdrPcLBJDLMiOOCpWu_w-I65cpklj0PWTqjINj6JInm9F7BWyF2M0vDvEp-T39Q_WjBi8AFxGube_a9YjG01Q1G-Lscy0WMxzJ53LVJsEay7Cff-bGByUCpSHidryAghU-OzH3IbMOX80G6Vl6C633E0gT7x089VF7v-Q1amMr5r9WaZB3df1wtoqxLPrs5z82rQjsuXDe2hq9_p11flKQta_NGGp1onQBsIuyhcLIUp-gRdJmTrruh2I1DWb95mfxI7lHaBqJ_HdXeVcz7OhElwMLWQuaDx2ZLZ9K2QEbTL_iFbW_hsDpYzwACnBQ6NZTHqEvlSUYlhd7W_8DmsK2UDxJsVYqzDjlJ5LnS8zOO-HRhOiWn-yDxdIY_l9N5RgjX-_EBn4kxlRePoOpqU6HbYdGy6zBgGPmc72qSoZ_bOAeobfs5XrkGFxUsYm7LjX0gbO9tEBgXIX2LXAtutD20X8tXsnXCPbBXNoNfeUth2Xm8bis1BgRtP8HXdeCZAir-C_imgSO93ht6D3vJrI0LtmlA8578bWteqc5ObWqUKyHMcQZPgw9gD193itUBJ3ApvzwokPJenOfrGejyXuStdwra6MD3bH7UPPjeJ38mvOI9rkPVbC8yGeoi-pNZU1flKoDqcrlSM6WPv7jscIsq1JKRLSF8NH9MrveCK3G_5jJCO0mXGIKpq_bYcJgbx8H5cvjcdl_TBS56yhinp1sbsO-tKhuk0FMiJSlvzxDbSyRRqk0Oy8ZUSCuf_82-JqoiSz_1UTGUG1QIJOj9L9KIc61UVctlGN-G8sUSIhZToSH7QON-WePNAjIHVwDEUwyUauEtQcnCx6SHCZ4B9TZRTiZdKkxG6peAQo3fstuZoPflkrinUPxB5oRaNgFSKdIYUoGljaVpsuOdR5bdqEqIX8vg1iPJ5poe9XU-UafwsfkjEsS8pg5jR2Wn83qqS5-GMwNpnpFCAQR6WnjDIfqWf_beWrYo_E3Kgyr32K93vaGI1C4Lp9rDUbKQUMJRTROdNVvTva193a_ahGT9Pi2w6tTC4i9YZHVOrEU3qvl_T_PfuGO_lb29uuaE20imO88PnyH4ZAeghhetdPMgvjDmUIzeq3vit_wE5xaouN4SQ3bp0IcAvIsiCbBYmM0ariwGUMnGTAE_Ze_3CAB_jwtyrMhcDzDq-qtx_JlmpyMWGu-jyRBmO4wNaAj-gDaJvun9RJ8D-sNXFrBvmH_GIJV2h0brXvaMWJXPVJ2M5RmPn75SmqjN0xa7M6U0g7D26_sLZQva_J6WJcz8cNefHlkMGIrwgGZN9z4uUIRaHrjwqJIaQtog7flalhWvCyMBFSEeBDxb_8XxalemSbwNl_852O_a8mVYwSJRAH4eIsQ16qdETOYfzdiO4Xkoalv1Mnk1yfCQMWvYufWKIQpNjkbpfG9aUZmzoIAFVVK9goa8MBaD9PmPTK0_zHoRLvTeJjkFPpZfWi9p621YDVeqwQskXwTqOo91tiuH_mF2JevDrVtaeK2TFBogvG280YjctW2pvlc5cx529FmM_cbY5Qq5aCHuhQTBxdSazy3aVl3zN4KFYY056EW4sTP8PqmJvdom5orBtdEzSQ_HPA6ZIT0FKbUSfkFm2aNoBBKDTPvrsM4Zf-PcB5e4k24livddar-1CRuWLkz-yWZbn3Ddi4w9pf1U4xtg7qcpKpUFqe2Z6yE-xABFtOQyYTxROxyFBRDx1qg4I9lhglPMw44eWL5RCwhjdcM3Jxw24bYRbuq6nsZnjwPPZ2hWg9cv_TzePkCP-Dv5TW6an-oNnytp81xcKPO6JK4aUcYDicytx_UV9t-u7hUYxycE4eBms3LL-ld-4HS0c_E0JVLa0U1urgg4h3z8zQXhpvo1_Hr11MyGpBwfSvNjOmP7V1vXvHmHK4fCMqEzdfRK2BVTbbFT_r4H9Js3ivDWK5IDR2BAW80yc0jfLu-wkogHuO5spyenuy6V6qQhEGZJZwXHdg6P50-q5oPoumWoBvM0JCgI-Q8fB3XSK7Lr1BlzYqcbRYxIAF-eDzWLuNjceAjezS1_WRU9_BepnXJ4w7ZPO-Cb9xrl9VmkycuzleKPsXviNkApRiAXdplE9rSvKxhepNpEKcMIdOI01gFVN_5-NEr1KzEg8dXR3FuxDAyK9nziKryoaMswViqDeONL4743LJg6YtbS20kErhn7iFCkXXq8J1PN7761ZB5F1RFTZfcf9RE6Ude8amsDBFH65FozcsT2qmzp18brokJ-X-A65eVwGwNLaVq_nqR73ljQnFA17pRUGx-lcT5j692m_rQfBj7X17mbgQuL82nJLI6LgNnS6MgDnM59JQDnv89_gNfX06h5chrgqfivZpuLrg7-wQNrGTbxE2gaaav4YOKQU5lVAid3m8bI2uwSFY-zpU-gGO1bq-JwIfKUytJp8oEIEDkbLXccse-X7tPv5La38GBxxj_xWM_phFkVEp85RKj5ZDd4ahFfB07mXPMam9NzUh-cuDLxwp8T1jnNXPSuYqTGQt5rLf6EBonWlORZBGn5Vnr7oYmbtapnRlDlbwmblaxNwXyFKKJNoc2hYISY7s_50a-UaiI_oYg9lTqzD7a8n592EQV401C01pBw4Hb5H-KNp74mlvdwRgF0pwE87_SeO24r5m-ixap4__SkK-ptVANPjVnL0DaST9bCzJlebZZwI_gAHg2tUkhQhnQS-Gfz0J8nvWMOoT0f0fGw2lz6ZXo5phA5dpcRuOsu-BKqjdwTr9fx8DrSqhVQAxs5wAWZW1AS6NuWl6vkVTNcJm9cX-Z7_0rmJwhV1H0I7Bo3U5xLIFmK7GiRpPmz6arQ1ZpZttNBvceKgofZCz8wvWjwvw4cl_YLCnfa2-1HKuXF-b2S5Ii3is9EAjToKyX2S3E9WE8p4h5Di_levWxKskcFgNRcelHkqvA-ZePSdn9-j15K0ykRrqxNjvNMoa0Aqrnd--nTn8a_ymx3Ewzvgp_7fqAp1upwmQ2XTxc-rYcGBBsRbH5EqttmuzdFHK7_moc8XH4dXOKgsRVK05t0O2QI&cid=CAASBORoCvY&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f154.1e100.net
Software
cafe /
Resource Hash
26a20378e5da24749f4b996908224eb56894f72f4bf10a494411bfc32de7d31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:53:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14658
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js
pagead2.googlesyndication.com/bg/ Frame 812F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220607/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 08:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
13169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Jun 2023 08:14:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220607&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c02b4d673ca4895da0f2d993dcb5f54d8508bb8894b19b99446e310835ed037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 09 Jun 2022 11:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10848
x-xss-protection
0
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame AC38 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 11:13:37 GMT
file.mp4
r2---sn-aigzrner.c.2mdn.net/videoplayback/id/b91e09dadb60c2b5/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686311638/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame AC38
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b91e09dadb60c2b5/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686311638/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r2---sn-aigzrner.c.2mdn.net/videoplayback/id/b91e09dadb60c2b5/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686311638/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-aigzrner.c.2mdn.net/videoplayback/id/b91e09dadb60c2b5/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686311638/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23EB210BC07F58EFA528F709A7936261B7978B57.3135311864FE2141016E136784057C4FE0B5A69A/key/cms1/cms_redirect/yes/mh/R2/mip/2001:ac8:21:e::11/mm/42/mn/sn-aigzrner/ms/onc/mt/1654775338/mv/m/mvi/2/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4009:1::8 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 09 Jun 2022 11:53:59 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
366134
Last-Modified
Mon, 28 Jun 2021 13:08:57 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 09 Jun 2022 11:53:59 GMT

Redirect headers

date
Thu, 09 Jun 2022 11:53:59 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r2---sn-aigzrner.c.2mdn.net/videoplayback/id/b91e09dadb60c2b5/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686311638/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23EB210BC07F58EFA528F709A7936261B7978B57.3135311864FE2141016E136784057C4FE0B5A69A/key/cms1/cms_redirect/yes/mh/R2/mip/2001:ac8:21:e::11/mm/42/mn/sn-aigzrner/ms/onc/mt/1654775338/mv/m/mvi/2/pl/48/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 8373 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
141349
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 20:38:10 GMT
expires
Wed, 07 Jun 2023 20:38:10 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9016879489064789&plah=ni.biz.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 09 Jun 2022 11:53:59 GMT
fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js
pagead2.googlesyndication.com/bg/ Frame 8373 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 15:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
74998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13889
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Jun 2023 15:04:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0E25 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ni.biz.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Jun 2022 11:32:50 GMT
expires
Fri, 09 Jun 2023 11:32:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 428F 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c9999d3917847a2dbfcff09aad2f0e375f7057733e509988a760d4fc4b597b62
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EWFiIwdIiDSoOhUefs_xrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ni.biz.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-EWFiIwdIiDSoOhUefs_xrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 09 Jun 2022 11:53:59 GMT
expires
Thu, 09 Jun 2022 11:53:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js
pagead2.googlesyndication.com/bg/ Frame 0E25 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 08:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
13170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Jun 2023 08:14:29 GMT
file.mp4
r2---sn-aigzrner.c.2mdn.net/videoplayback/id/b91e09dadb60c2b5/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686311638/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame AC38 		358 KB
358 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-aigzrner.c.2mdn.net/videoplayback/id/b91e09dadb60c2b5/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686311638/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23EB210BC07F58EFA528F709A7936261B7978B57.3135311864FE2141016E136784057C4FE0B5A69A/key/cms1/cms_redirect/yes/mh/R2/mip/2001:ac8:21:e::11/mm/42/mn/sn-aigzrner/ms/onc/mt/1654775338/mv/m/mvi/2/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:1::8 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
2e95c4d63838a6dc2574c8e990e94fa86078fe8861f4cdd526ebe5606b6181f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 09 Jun 2022 11:53:59 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-366133/366134
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
366134
expires
Thu, 09 Jun 2022 11:53:59 GMT
last-modified
Mon, 28 Jun 2021 13:08:57 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
sodar
pagead2.googlesyndication.com/pagead/ Frame 428F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220607&jk=4295468283009944&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8373 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BYmLjVt-hYuqYOdiZ1waB_rfQDwAAAAA4AeAEAg&bg=!nZ6lntrNAAaJfvByqX47ACkAdvg8WqHf9U7USz-SIb4Ml_9jrNZNzLGZKz6ee8Vsdw2TUrMTMir1QAIAAAB7UgAAAAFoAQcKAI1YIzYc7202vHOPQGigqw9Q9b2Ie6OC-XMG-dcGPBvqIGx5KycMBGbsh0fuhgvCmPwdpR_UmqlXJJJRSdvtaYK8eRcOjuExY1JU0BlziqAc17MUvYThqyOwWTcwmlfKQ4YK6cWgiK68Y6OzS9Xv-_xGoLU_38I7XJZ-OqfUSEdBfrQOyqRoh0-KcORmMOuZAtSl4wKxoRrJIue0vJ-NB0n0y1ShGqHrjTokRcsY29NdU40Yau86S_330xueqRVOVlnjqBPlduQjMPQw7evSdj1V09Noj9xRTpY1EIaMqg-jV_nC4ba-JBcA46AWsuz1vNmyMz6JOT0BS8MhqX0wH7zM2PDgGoeOmj__LZs9CifTWdk6kISFnYPqlJxIVEzzxjs8WqOhwWKQB7M-m4ZuYeSqwlpVR-KHUWbjnQZxsTlNjW3Zb05YyTONkErzTbJMM-T_TYHkg5vA4jm2VS3VpOnfV8HysZ1DEMax0Hm4AVW6JP8SY0U5ok251vyxgvwUMZ88Ss_z7LDX-zVXpgAsor5LTLpkXFhmZ_NmkwRVpo1Id5bQ5uo8hdCeTWD5fRg5BD80nuFgkppzxRtb0u4ic5JQ1vB28PLb6g6XVxsZouIWbsOmdRwtDODJ7pzbEGh0-Hn7CE0gOjgyiXKvuTnYwxiRhxHsIMyBG15-74NEgXxMX4xjSnCxH2kiqyCGy9p7Yzkj0SJVj7T7dp70GupaPgORT0nUS4DOoUr9hBxCpKHmbtnc7P7hRYmFe73QIpy1lJlVDeWST3TJSZob6uM6Vagqywd3vMbQEps8k6eolFuPQ0ic5Bb5Y0qdIs6bENdYXOoBVv6ZeVJSKrNFIzSyh_DNvIqRt4lOuFKEaD5Bh1XC1KZxINNWbBaPj6O-j9LS3Uym8O574aM8HCD3VF49Jk7_oZ5oK7lxa9-5VkA7VpNyRF-NcEBnurUBxvSrdddCX5k8hWR5BqctqoR3CrRSBrvGXlf0rvCyqsbCX2tFHXHCanJ5E8ZBDlWb5GRjEqLkWm4uArhpv3Zp2l83gR1-MW_eNn_dJzLiW3M_lrR1yub5jdU1rN2wrq738EgYtUnEKRIc-O8DkGfrcLNxpxxpF4F5U6qFWkD6_acQIVQviibL2bJPOjbFbK6XmVSk1ULotS-ET8Bg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 11:53:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 0E25 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?L3v8vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 11:53:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D791 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuhUoCq1RA0XixS6cPewpPnxirODiH_c9YLwLChBMb9ajJZC9ruyk6IrkwcdboQk32-6yNQEQab6g-hIRl2kzJywZbiBBmPpZS8RPm1AE_5sye5d0zKnYowVDB&sai=AMfl-YRQhxt5G2k-yRwna4rRd7N4EXj0bWp8HhB4-LflJkM4jb9XTR_m32HMsdkKvdZU8yLn-UXynPcBXQOz&sig=Cg0ArKJSzKhDvXGTQOYxEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=86,768,1000,1090,1090&tos=86,682,232,90,0&v=20220608&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1654775638324&rpt=286&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 11:53:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0AD7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBaeh_Q8D4d1XfwoWg69OKwnZ_vxgQ49c6d8NzUgKP4fYLILl0IvfEmoemhIl94TQ201VIkzkTv_ou3hMhogMWKn99XTVq-pfRozVjGA5cyAtTkKSDBY9PacSo&sai=AMfl-YQeEwGnKLiz8FQG4z6jNXV_cl5PEcM7-KgVy1vLSapPjwkyIl2bxirwamxnglZm-ch97_DdEI5T1Uqk&sig=Cg0ArKJSzP6csIliABQTEAE&id=lidar2&mcvt=1000&p=0,0,200,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220608&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=21&adk=3894183216&rs=2&la=0&cr=0&vs=4&r=v&rst=1654775637603&rpt=1101&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 11:53:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220607&jk=4295468283009944&bg=!oKOlo-fNAAaJfvByqX47ACkAdvg8WmMZCiBWCDl782DCQm5c6xevCv-mvcUj7C-jZJV16dJvzHCwBAIAAAA_UgAAAANoAQeZAqfla6H3eTA3Zcke9wDaLB-y4b18aIqe0HtAtifB8g5CiQead1eiV2F05EZLuWl4uDxLJGYGZVdO0at1ee2mg28pUd6_3w_31xGjLE6HpUIidJWdzU3xucFSjMslF4mS_wszxfoBYgHib6qll8MU5y6uPyG9AhXtNNxpCJiM-dXaTfSrcY5KPmvVAKuj4JNnWTdzbnJ7SmNCMe2cbj77tYifMpmA2qna1eqtvmt7GjHTxmLi6gdDtUHnooYgiV9Wi0Is9vgDiFmhMZJqNchk8It_C219jXakffUoFV6SZUUTSJBfRz698KBTZe9aWgZCEtrcpqhFt-R9LJV5NedshRl4kqeZXflcEyluUI9P2mS9RsKvZuM0UupxbZyxOPLXuI2tHHMnrGidgAmwzAgyE3tgrTZ98xG6RDdttzujVD2K_CP3SbUdLb_KpL7KgY7zIJfLb2CoxTM2qvZ2P4AelAt57y8-jrfd8t2n4zbdZMFqy9xRdtCN_Nj7BP88BGNOYTJ7RIklTafp87h_mmDFp9iuqYHEgK-7TdtCkdVeQpreIu3pZDSqR_PCptH4x0z8MjMfN4tH9jitJ4IoUIEk7zY0DakhnbISOGgHKTOoTBCk8X2tEhCWaLbKHpOvKRc5tMrGCTl7wjSZRCJxR8XW_Kj0L5-eZMg633AwPdFyHp8ORbcfgHsXvqvPVVTJcrRGF9j-dbRsdLLS5ydQu1l1k56aPfcsmltAzunRe3RbeD34_2VxOZyHts4T-CGFTqhqqmNKlvDWM3NdrE0XmXyFP83-tRNS5_Iq-lb5LcmNx6iJPGPI6mtxiKtj663002vFK5aBPmHTjKqnxkJ3y6lEqpGC9tVRZWDCu_-Pc92f7V2R1REPiiuKrZyBkFTlFDMvmaVuQ8nytoTh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ni.biz.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame AC38 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=2~l46yound&c=7997804207404&slotId=3998902103702&qqid=CLbBwtCnoPgCFTKncQodBDcFBg&fb=outstream-lima&gpm_i=3&gpm_c=3&gpm_a=3&smb=1000&br=49&mt=video%2Fmp4&vs=320x50&ulv=1&cll=0&vast_v=2.0&vmfc=6&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C43%2C342&webm=1&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=342&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4003:c04::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 11:54:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| adsbygoogle object| __gcse object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| googleNDT_ number| googleAltLoader object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.ni.biz.ua/ Name: __gads
Value: ID=a906d9eb64791c13-229738a3a7cd009f:T=1654775637:RT=1654775637:S=ALNI_MahXwMFc5lU5K9H4zHdoGhX4G5Nvg
.doubleclick.net/ Name: IDE
Value: AHWqTUnW0fFEIa2rB8Jr2jhvcsn-6bH9X7h8lliN35VMc0rwj7T8Rij0EYe1dLxoCdA
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
bid.g.doubleclick.net
clients1.google.com
cse.google.com
csi.gstatic.com
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
ni.biz.ua
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-aigzrner.c.2mdn.net
static.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googleapis.com
www.googletagservices.com
142.250.185.194
142.251.5.154
2607:f8b0:4003:c04::5e
2a00:1450:4001:800::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2006
2a00:1450:4001:82f::200a
2a00:1450:4009:1::8
91.234.33.240
0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a
10abe2920577f10efe0b2b493437e0f6f2c040e75ad62bc8896d90750e9f41d1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
26a20378e5da24749f4b996908224eb56894f72f4bf10a494411bfc32de7d31e
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2e95c4d63838a6dc2574c8e990e94fa86078fe8861f4cdd526ebe5606b6181f1
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
364f62dbdb705912732fbfadc50596aa4d07288ccb22fc2e96e4fa7f3adaaf86
3921d22e340021189f986befdb097d34a4d1142b3c0a2565ef53f5d0971c1748
42a1e7ba9244e0944857902f3e4e4460edb4a29c2e0d27c1da5f19addae17af4
464e78d988e33ba65456ac1f131252f4de867569177981cdebc0a989807af854
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4c02b4d673ca4895da0f2d993dcb5f54d8508bb8894b19b99446e310835ed037
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
526174ff36afeb450b46a1eda5c625cec3aeeae100161a1f2aa8392df85c9d8e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
696701ff246197eec19b99092471f6d12ae19607fac0d48cc9996d93a4833271
7b5f7a8738cea026482ec8051f74700313fcc9be6b210be1a45dd86bfc3d93d7
7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7
7ef62a38f3a141b536ddcbad80f0395a05cc3bf498de48894fac756cd948a282
83c15ddd94af921d855c153e98f5b29d9951bdba6f52d703f7662514f7c62725
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7529f444584dca11f6461c147e677a11cb142a9ce1bb644b11ba4b561d72987
b1f1fd543e14c5e19e810309bcbfd30a35c551d3b6bb0acc4cf642d00c1fdb16
b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c9999d3917847a2dbfcff09aad2f0e375f7057733e509988a760d4fc4b597b62
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
d85e0b83efe834b6f45c0769e11e91d95a388136ad405d8aee07197e6ff7a820
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de75f74c16ee260673a91f8253b007a4d454690220b5ed46379dd071518ea753
de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed24612052f9aa80f27aad4476e6d77f041fb29bf30b4b06b361b9384508e6b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17fc5d86f346fa31d9173643f7151749cf6612525e84cdb40559ab2ba4ebc52
fc6a53a5753c2e1f69b0db4aa9d4b9a0ac0ae320e2508e9ca3d1f543086ab476
fc8881ca9afb7fd3713d48b6959658f4d6ea90b049563a0b25152a3e67135f9b
fdedcb1a826b38f55c11dac1ece51026c812d4a58bc05b97342549917c5f2429
ff1ac13f78501eef5add26bfd069229a58048415a92903c869ee4d2dabc665a1