zhovta.ua Open in urlscan Pro
144.76.118.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zhovta.ua/
Effective URL:
https://zhovta.ua/
Submission: On July 23 via api (July 23rd 2022, 12:05:20 pm UTC) from GB — Scanned from GB

Summary HTTP 148 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 18 domains to perform 148 HTTP transactions. The main IP is 144.76.118.10, located in Germany and belongs to HETZNER-AS, DE. The main domain is zhovta.ua.
TLS certificate: Issued by GoGetSSL RSA DV CA on June 5th 2022. Valid for: a year.

This is the only time zhovta.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	144.76.118.10 144.76.118.10	24940 (HETZNER-AS) (HETZNER-AS)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 24	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
2	216.58.208.194 216.58.208.194	15169 (GOOGLE) (GOOGLE)
1	5.135.142.37 5.135.142.37	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	66.102.1.155 66.102.1.155	15169 (GOOGLE) (GOOGLE)
1	35.241.31.249 35.241.31.249	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4009:e::a	15169 (GOOGLE) (GOOGLE)
148	34

30 144.76.118.10 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: zhovta.com

zhovta.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.zhovta.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.194 (United States)

ASN15169 (GOOGLE, US)
PTR: waw07s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.142.37 (Chasne-sur-Illet, France)

ASN16276 (OVH, FR)
PTR: js05.adlooxtracking.com

j.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com

data00.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:e::a (London, United Kingdom)

ASN15169 (GOOGLE, US)

r5---sn-aigl6nze.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com 2 redirects 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	291 KB
30	zhovta.ua 1 redirects zhovta.ua s1.zhovta.ua	761 KB
22	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 static.doubleclick.net — Cisco Umbrella Rank: 467 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296 bid.g.doubleclick.net — Cisco Umbrella Rank: 463 pubads.g.doubleclick.net — Cisco Umbrella Rank: 477	988 KB
10	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 310 ajax.googleapis.com — Cisco Umbrella Rank: 303 fonts.googleapis.com — Cisco Umbrella Rank: 72 imasdk.googleapis.com — Cisco Umbrella Rank: 434	336 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	83 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	72 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	197 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	4 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3701	58 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 407 www.google-analytics.com — Cisco Umbrella Rank: 52	37 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 234	3 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 1676 r5---sn-aigl6nze.gvt1.com — Cisco Umbrella Rank: 311593	2 MB
2	adlooxtracking.com j.adlooxtracking.com — Cisco Umbrella Rank: 9058 data00.adlooxtracking.com — Cisco Umbrella Rank: 8423	68 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	426 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	110 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 613	70 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4623	792 B
148	18

	Domain	Requested by
24	tpc.googlesyndication.com	2 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com
18	s1.zhovta.ua	zhovta.ua
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com googleads.g.doubleclick.net zhovta.ua www.googletagservices.com
12	zhovta.ua	1 redirects zhovta.ua
7	www.google.com	1 redirects tpc.googlesyndication.com 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net zhovta.ua 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
6	08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	s0.2mdn.net	08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
5	www.googletagservices.com	zhovta.ua 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com zhovta.ua
4	mc.yandex.ru	1 redirects zhovta.ua
4	maps.googleapis.com	zhovta.ua maps.googleapis.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	static.doubleclick.net	08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
3	fonts.googleapis.com	08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
2	csi.gstatic.com	imasdk.googleapis.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	imasdk.googleapis.com	08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
2	www.gstatic.com	08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
2	www.facebook.com	zhovta.ua
2	connect.facebook.net	zhovta.ua connect.facebook.net
2	www.google-analytics.com	zhovta.ua www.google-analytics.com
2	ssl.google-analytics.com	zhovta.ua
2	code.jquery.com	zhovta.ua
1	r5---sn-aigl6nze.gvt1.com
1	redirector.gvt1.com	1 redirects
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	data00.adlooxtracking.com	j.adlooxtracking.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	j.adlooxtracking.com	googleads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	ajax.googleapis.com	zhovta.ua
148	36

This site contains links to these domains. Also see Links.

Domain
business.facebook.com
ru.zhovta.ua
robota.zhovta.ua
dim.zhovta.ua
auto.zhovta.ua
zhovta.info
www.facebook.com

Subject Issuer	Validity	Valid
*.zhovta.ua GoGetSSL RSA DV CA	`2022-06-05` - `2023-07-05`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-01` - `2022-07-30`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.adlooxtracking.com R3	`2022-07-07` - `2022-10-05`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://zhovta.ua/
Frame ID: 0D2BAD3E309234128B00FD68F330897C
Requests: 56 HTTP requests in this frame

Frame: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B3BE0EFF9B500031F7C56F841E1D82B7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7F653C875F3FB4CBE9C299C10A2C5A2B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE22D1B3F2B6AD269CDE121666D03A46
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FFF050627E2AEF17D55F2C6F6211355B
Requests: 2 HTTP requests in this frame

Frame: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0FED12C548511031A9D8CEB1590748DB
Requests: 17 HTTP requests in this frame

Frame: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FCACCBAB7F1948A762C9187BE9E6F254
Requests: 14 HTTP requests in this frame

Frame: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 84AFB4374811C5A6F294955B755CEAB8
Requests: 19 HTTP requests in this frame

Frame: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3EE115F481F093EB973D93AA50600A37
Requests: 14 HTTP requests in this frame

Frame: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 34C1FF9A6DFD7FBA39E72C7665EAFF96
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNUVgdjn-IBy19mmeVMCadQQe7zRZ51Dcqm68A0j2mQvqkun4XIHX5WfNMOh33W-5QipnO9C0T2QgItHZhBVdEkM3BPy67zLtwdk2QF6B8C-ncDURSK4MHUKCdS4vatOnKGYo0JhT9zCbU_yaOuibAWzkwYobF0Rb2M7XQSuhfGR_PNRVrU
Frame ID: D889BA7286263C43E95B4E67E7EF4E7D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 54883744C263F8284B23C3DB99ACA89B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 861005BA1BCF9D86A8D8165B9B755E2B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: 44CFC96FB16FC65F5328A2C99F04FD91
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: 86F0E57858DEBCB63093C92B462E2A86
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: 9CCFB5AB65176108C72673BA6949AB35
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: DEFEB7B1C90FBF02BA9174F8504B0369
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Дошка безкоштовних оголошень України | Zhovta.ua

Page URL History Show full URLs

http://zhovta.ua/ HTTP 301
https://zhovta.ua/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

148
Requests

95 %
HTTPS

74 %
IPv6

18
Domains

36
Subdomains

34
IPs

7
Countries

5603 kB
Transfer

9039 kB
Size

29
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://business.facebook.com/Zhovta.UA

Search URL Search Domain Scan URL

URL: https://ru.zhovta.ua/
Title: Рус

Search URL Search Domain Scan URL

URL: https://robota.zhovta.ua/
Title: РОБОТА

Search URL Search Domain Scan URL

URL: https://dim.zhovta.ua/
Title: НЕРУХОМІСТЬ

Search URL Search Domain Scan URL

URL: https://auto.zhovta.ua/
Title: АВТО

Search URL Search Domain Scan URL

URL: https://robota.zhovta.ua/ogol/spivrobitnik-ohoroni-z-p-vid-17000-grn-o336620
Title: Співробітник охорони, з/п від 17000 грн.

Search URL Search Domain Scan URL

URL: https://robota.zhovta.ua/ogol/komplektuvalnik-o379659
Title: Комплектувальник

Search URL Search Domain Scan URL

URL: https://robota.zhovta.ua/ogol/rabota-v-ohrane-o352785
Title: Работа в охране

Search URL Search Domain Scan URL

URL: https://robota.zhovta.ua/ogol/robota-vodii-z-avto-o353123
Title: робота водій з авто

Search URL Search Domain Scan URL

URL: https://dim.zhovta.ua/ogol/zdam-v-orendu-pidval-o380249
Title: Здам в оренду підвал

Search URL Search Domain Scan URL

URL: https://dim.zhovta.ua/ogol/zdayutsya-v-orendu-ofisni-primischennya-vid-16-m2-o380662
Title: Здаються в оренду офісні приміщення, від 16 м2

Search URL Search Domain Scan URL

URL: https://dim.zhovta.ua/ogol/proponuemo-v-orendu-primischennya-1300-m2-o380735
Title: Пропонуємо в оренду приміщення 1300 м2

Search URL Search Domain Scan URL

URL: https://dim.zhovta.ua/ogol/orenda-sklada-vul-polovka-o380862
Title: ОРЕНДА СКЛАДА вул. Половка

Search URL Search Domain Scan URL

URL: https://zhovta.info/
Title: Маркетплейс (підприємства, товари, послуги)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zhovta.ua/ HTTP 301
https://zhovta.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://mc.yandex.ru/watch/289152?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4nvpvqabr08%3Afp%3A1132%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1218412511083%3Ahid%3A218643285%3Az%3A0%3Ai%3A20220723120515%3Aet%3A1658577915%3Ac%3A1%3Arn%3A429457783%3Arqn%3A1%3Au%3A1658577915275772298%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658577913700%3Ads%3A0%2C88%2C359%2C2%2C431%2C0%2C%2C327%2C20%2C%2C%2C%2C1207%3Aco%3A0%3Arqnl%3A1%3Ast%3A1658577915%3At%3A%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/289152/1?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4nvpvqabr08%3Afp%3A1132%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1218412511083%3Ahid%3A218643285%3Az%3A0%3Ai%3A20220723120515%3Aet%3A1658577915%3Ac%3A1%3Arn%3A429457783%3Arqn%3A1%3Au%3A1658577915275772298%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658577913700%3Ads%3A0%2C88%2C359%2C2%2C431%2C0%2C%2C327%2C20%2C%2C%2C%2C1207%3Aco%3A0%3Arqnl%3A1%3Ast%3A1658577915%3At%3A%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 74

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrsduo9wEQgAgYgAgyCAQJsjsVqInY HTTP 301
https://tpc.googlesyndication.com/simgad/10091498889470987024

Request Chain 92

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrsduo9wEQgAgYgAgyCAQJsjsVqInY HTTP 301
https://tpc.googlesyndication.com/simgad/10091498889470987024

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFzksxODzeW1s0j-SryEiA&google_cver=1

Request Chain 110

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ytvj-MqVhHapez8AaZ.txgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENONE2unfO75tghr8XBwIDc&google_cver=1&google_hm=2

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIEaEbduC4LcZWHy5LUTCfs&google_cver=1

Request Chain 112

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MjM2NTc4OTI5NjU3Nzc1MQ%3D%3D

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 144

https://redirector.gvt1.com/videoplayback/id/640662bc18b7396d/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1658599517/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/89291A71A596C2788B7426C9B7CA76C54D809C58.98DA9566A4ED5CD809A412335C8FD14E74DB4C95/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-aigl6nze.gvt1.com/videoplayback/id/640662bc18b7396d/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1658599517/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/6ABE4BF6B371F68D59D185EB8D89E1E079A29921.83DFF62B852F42B23FA7C9E23ADD0E6C4E6EFE73/key/cms1/cms_redirect/yes/mh/id/mip/2001:ac8:21:e::7/mm/28/mn/sn-aigl6nze/ms/nvh/mt/1658577621/mv/m/mvi/5/pl/48/file/file.mp4

148 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
zhovta.ua/
Redirect Chain

http://zhovta.ua/
https://zhovta.ua/

72 KB
15 KB

447ms
359ms

Document
text/html

144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 5ce121e73e92f53052d478d0de784eb77eda0fe4fe423d75c48e1f11a31c2f0d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 23 Jul 2022 12:05:14 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 23 Jul 2022 12:05:14 GMT
Location: https://zhovta.ua/
Server: nginx

GET
H2 200 jquery-ui.min.css
code.jquery.com/ui/1.11.1/themes/smoothness/ 29 KB
7 KB 108ms
32ms Stylesheet
text/css 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.1/themes/smoothness/jquery-ui.min.css
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b60f9f86d77e2bc5425dcc7d4a02bda887f74aca04ea1b14ab147dcc91b9295

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:14 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-7545"
vary: Accept-Encoding
x-hw: 1658577914.dop246.lo4.t,1658577914.cds274.lo4.hn,1658577914.cds212.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 7323

GET
H/1.1 200
OK font-awesome.min.css
s1.zhovta.ua/fonts/font-awesome-4.2.0/css/ 21 KB
5 KB 179ms
44ms Stylesheet
text/css 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.zhovta.ua/fonts/font-awesome-4.2.0/css/font-awesome.min.css
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2016 12:21:52 GMT
Server: nginx
ETag: W/"57920fe0-55e0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bb0285d65af2dea7ab100b91f300dd8211894707950.css
zhovta.ua/css/builds/ 283 KB
48 KB 51ms
50ms Stylesheet
text/css 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: b8b470f036a118349c673d320ea1d200f488f6ae084b1125c1583ed72ebd6b59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Content-Encoding: gzip
Last-Modified: Sun, 08 Mar 2020 15:23:09 GMT
Server: nginx
ETag: W/"5e650ddd-46a79"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 142ms
49ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccd8c94ce20a42526ca07875d7e1d948015efe50c317f70413cdfc5847ddc30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28361
x-xss-protection: 0
server: sffe
etag: "1281 / 350 of 1000 / last-modified: 1658527563"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 23 Jul 2022 12:05:14 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 161 KB
53 KB 180ms
76ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAi-_pHLKSBnx_3mVWBzWwFaNMlnVeSn8I

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

7fb5d5fc04526984cd2241e968ef4e317757bdc1c08cefbd77fed9ca80ebd4ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:14 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=26
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54012
x-xss-protection: 0
expires: Sat, 23 Jul 2022 12:35:14 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.2/ 82 KB
29 KB 133ms
43ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d7d1c727e1cd32745764098a76e5d3d5fb7acd3b6527c5aacd85b7c6f8ce341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 10:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29456
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jul 2023 10:56:07 GMT

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.11.1/ 233 KB
62 KB 111ms
37ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.1/jquery-ui.min.js
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:14 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-3a2ea"
vary: Accept-Encoding
x-hw: 1658577914.dop246.lo4.t,1658577914.cds274.lo4.hn,1658577914.cds273.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 63672

GET
H/1.1 200
OK jquery.validate.min.js Show response
s1.zhovta.ua/plugins/jquery-validation-1.13.1/dist/ 21 KB
7 KB 179ms
46ms Script
application/javascript 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.zhovta.ua/plugins/jquery-validation-1.13.1/dist/jquery.validate.min.js
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2016 12:21:53 GMT
Server: nginx
ETag: W/"57920fe1-5450"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo_ua.jpg
zhovta.ua/images/admin/ 29 KB
29 KB 177ms
86ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhovta.ua/images/admin/logo_ua.jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 2fea1b9a08df090b0287d5f753dbbcce5f9044bd649449431d85354fafd31d4a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Wed, 15 Jan 2020 10:43:45 GMT
Server: nginx
ETag: "5e1eece1-737a"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29562
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK f8a192a52dbfa4f9713d962cabe0eace.jpeg
zhovta.ua/storage/slider/ 33 KB
33 KB 176ms
85ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhovta.ua/storage/slider/f8a192a52dbfa4f9713d962cabe0eace.jpeg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: ed37304123b9f91a8141d4c161e452977acc50e64925f8c2a069f7a974ea9002

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Wed, 10 Jun 2020 09:52:06 GMT
Server: nginx
ETag: "5ee0ad46-82de"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33502
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 9951b1eeceb361afbb077e79eceee98b.jpeg
zhovta.ua/storage/slider/ 30 KB
31 KB 147ms
45ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhovta.ua/storage/slider/9951b1eeceb361afbb077e79eceee98b.jpeg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 4ebb31cfd35098e8e8addfc231854acc85dd2fd0228ceabf498edb9055592deb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Thu, 19 Nov 2020 12:45:36 GMT
Server: nginx
ETag: "5fb668f0-79e7"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31207
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 7a46a22e9bf1e521454a278691e59afa.jpeg
zhovta.ua/storage/slider/ 36 KB
36 KB 194ms
45ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhovta.ua/storage/slider/7a46a22e9bf1e521454a278691e59afa.jpeg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: efbe4d9113fe429cb94a9aed4a144dc51a369c96ce916b19471bf981877c9cec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Tue, 01 Sep 2020 07:51:49 GMT
Server: nginx
ETag: "5f4dfd95-8e3b"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36411
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 76a132c0eafb2e2449039427c204e7b6-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 25 KB
25 KB 49ms
45ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/76a132c0eafb2e2449039427c204e7b6-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 215096fd47f27f7748584edb8098a4f8260ca6aea28d2b1890edf780c5bba374

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Thu, 05 Sep 2019 09:41:16 GMT
Server: nginx
ETag: "5d70d83c-6485"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25733
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK df35d49798612ed7a8a1edade169073c-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 28 KB
29 KB 256ms
44ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/df35d49798612ed7a8a1edade169073c-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: e3fe16dd530a8fa1a54c83237d4ac55a2b8ad2514c8354a2da0e27f7f1549b81

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:15 GMT
Last-Modified: Thu, 21 Jul 2022 11:05:54 GMT
Server: nginx
ETag: "62d93312-70da"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28890
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 6d82b24ef09ce05fedf59a74981b3834-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 17 KB
17 KB 140ms
85ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/6d82b24ef09ce05fedf59a74981b3834-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 5f4779250b6a72f5b6c4617a480bb764646e212321873ef7aeb9beb4c819ff6f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Thu, 18 Jun 2020 10:01:30 GMT
Server: nginx
ETag: "5eeb3b7a-4357"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17239
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 6d196cb88b0ef4c9c0d52db3aba7c97f-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 28 KB
29 KB 171ms
84ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/6d196cb88b0ef4c9c0d52db3aba7c97f-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: ce53b7d94b6c6dae3b978f4fc50811064baa4ca79935dc11c7e2223301c59f96

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Wed, 24 Jun 2020 11:16:42 GMT
Server: nginx
ETag: "5ef3361a-71fb"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29179
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 7400507c703aa13ebde62ed8cf15e81a-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 24 KB
25 KB 172ms
85ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/7400507c703aa13ebde62ed8cf15e81a-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: d4fa5d4b88126710b9e65ec883dae16c991fd51b837a3e9f7bef30c47d90147d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Mon, 16 Dec 2019 10:23:50 GMT
Server: nginx
ETag: "5df75b36-613d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24893
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 3cd9cf48bf1c7ff8f54fb5449c33adfc-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 18 KB
18 KB 99ms
44ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/3cd9cf48bf1c7ff8f54fb5449c33adfc-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: df0a549a1389d264746969d3af4d97b54b5efe395273f5a64b708570f8a02657

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Mon, 23 Dec 2019 10:28:16 GMT
Server: nginx
ETag: "5e0096c0-4648"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17992
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 9104e92289842790a3c58d793baab617-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 31 KB
31 KB 141ms
44ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/9104e92289842790a3c58d793baab617-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 522284064e5f4c37a4dfcdb6025cb110dc1ba941aea0696b5df1b0011d817bfe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Thu, 17 Dec 2020 08:54:58 GMT
Server: nginx
ETag: "5fdb1ce2-7ab6"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31414
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 45d849d25a3c961617e763a2fac8e57f-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 32 KB
32 KB 143ms
43ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/45d849d25a3c961617e763a2fac8e57f-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 6b8af26e3c5c85e0fcddb449e612da2f10dad9c70445dd8b9f8f1a0109a32492

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Wed, 25 Sep 2019 17:27:20 GMT
Server: nginx
ETag: "5d8ba378-7fee"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32750
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK a9b33d6eabb44e247f0bbf71cba9aaa9-image(415x310-crop).jpeg
s1.zhovta.ua/simgs/ 13 KB
14 KB 97ms
44ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/a9b33d6eabb44e247f0bbf71cba9aaa9-image(415x310-crop).jpeg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 4ac5bd273896c95b8a865cb54811484d157ed725708a1c53e949e7f8d9cf301f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Sun, 17 Jul 2022 10:02:01 GMT
Server: nginx
ETag: "62d3de19-35a6"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13734
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK no-foto-370x370-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 6 KB
6 KB 132ms
44ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/no-foto-370x370-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 94d225dea35625dd151445c5f7e3a5f1b309cc0a5d2395f22c83d5d2616e657a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Sun, 15 Jan 2017 09:23:45 GMT
Server: nginx
ETag: "587b3fa1-16e5"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5861
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 4b41ba54461a13b5c8e7a2e6a5245296-image(415x310-crop).JPG
s1.zhovta.ua/simgs/ 13 KB
14 KB 177ms
44ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/4b41ba54461a13b5c8e7a2e6a5245296-image(415x310-crop).JPG
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 1ee352c57d251ef3ae54220f580e1a536f79c11ba92c7ff4c5ebb9a29d4ede50

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:15 GMT
Last-Modified: Thu, 26 Dec 2019 13:52:11 GMT
Server: nginx
ETag: "5e04bb0b-3573"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13683
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 559e4d191d27921a02d55b19f0037e28-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 24 KB
24 KB 217ms
45ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/559e4d191d27921a02d55b19f0037e28-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 11233aa7e1842c2eed5585f4d057f4c8603a1a1d8a060f168565759338864219

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:15 GMT
Last-Modified: Tue, 28 Jun 2022 09:50:39 GMT
Server: nginx
ETag: "62baceef-5efa"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24314
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 537c07a5fc1846161439920ba8e6933d-image(415x310-crop).jpg
s1.zhovta.ua/simgs/ 19 KB
19 KB 52ms
46ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/537c07a5fc1846161439920ba8e6933d-image(415x310-crop).jpg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 06153f41d1008b4e9692ea0d361f3a0506ceaeba499cbf543048b27a47b7daa3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Tue, 12 Jul 2022 08:10:16 GMT
Server: nginx
ETag: "62cd2c68-4bad"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19373
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 74837bfcd40b206bb2cf67198bb27535-image(250x150-crop).jpeg
s1.zhovta.ua/simgs/ 7 KB
7 KB 184ms
43ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/74837bfcd40b206bb2cf67198bb27535-image(250x150-crop).jpeg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: c75d0893bf63c26d4c0c06f6e0cfdcca24ffbc6431f8148f6243c30687b82ae0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:15 GMT
Last-Modified: Sat, 28 Dec 2019 14:54:23 GMT
Server: nginx
ETag: "5e076c9f-1c8f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7311
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 51f39a6f7a6e3b145a8c083fc0b36880-image(250x150-crop).jpeg
s1.zhovta.ua/simgs/ 8 KB
9 KB 216ms
44ms Image
image/jpeg 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.zhovta.ua/simgs/51f39a6f7a6e3b145a8c083fc0b36880-image(250x150-crop).jpeg
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 94c8eaf7108f6b5de448268aa780b464b7825d476d350ba673d858715618b977

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:15 GMT
Last-Modified: Wed, 14 Mar 2018 17:23:46 GMT
Server: nginx
ETag: "5aa95aa2-217f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8575
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11f50341b718c5a358533924c6e81abf26547525819.js Show response
zhovta.ua/js/builds/ 266 KB
70 KB 53ms
52ms Script
application/javascript 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/js/builds/11f50341b718c5a358533924c6e81abf26547525819.js
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 49d70a9c2a0babf52874d753368dd42cd19187173f4687b6e66618fed2123a37

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Oct 2018 19:59:42 GMT
Server: nginx
ETag: W/"5bcf7dae-4293d"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK messages_ua.js Show response
s1.zhovta.ua/plugins/jquery-validation-1.13.1/dist/localization/ 2 KB
1005 B 43ms
43ms Script
application/javascript 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.zhovta.ua/plugins/jquery-validation-1.13.1/dist/localization/messages_ua.js
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 12b3f9e370af4069d73b9b4a9659a80419a83a72bfd4c08a577e7d35e0226f10

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2016 12:21:53 GMT
Server: nginx
ETag: W/"57920fe1-706"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4460
date: Sat, 23 Jul 2022 10:50:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 23 Jul 2022 12:50:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3794
date: Sat, 23 Jul 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 23 Jul 2022 13:02:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 122ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae31d2c42bca396f9ad140594890b16f599b6cd8f36c809adac8ebd5eb45b2e5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26093
x-xss-protection: 0
pragma: public
x-fb-debug: zZcCXWjTt7d7teaNPSj+mP2xn82qfnQ2zIpjy9LM9tiAlMO0E0bJcs9IbtKmYrnLi8FIxfP8mZhgHNcOE4daeQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 23 Jul 2022 12:05:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sprite.png
zhovta.ua/images/ 28 KB
28 KB 168ms
85ms Image
image/png 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhovta.ua/images/sprite.png
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 5744b93d719cb88f6b376b2fc28e82ae1a802971ff11dbf8b145e19b93dddbef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Fri, 22 Jul 2016 12:21:52 GMT
Server: nginx
ETag: "57920fe0-70a3"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28835
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 433 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85f52ae01a1ca60a7c5d40c7a9008f320519bb1e11b50db65e8fc797f5258f7f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ubuntu-b.woff
zhovta.ua/fonts/ubuntu/ 47 KB
47 KB 94ms
46ms Font
font/woff 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/fonts/ubuntu/ubuntu-b.woff
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 6a82dab8b342d2b2ddff4960ef2c7be8ade29e10429aed3b8238ec41d3874b4f

Request headers

Referer: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Origin: https://zhovta.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Fri, 22 Jul 2016 12:21:52 GMT
Server: nginx
ETag: "57920fe0-bca0"
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48288
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
zhovta.ua/css/fonts/ 64 KB
64 KB 167ms
85ms Font
font/woff 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/css/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Origin: https://zhovta.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Sun, 08 Mar 2020 14:38:25 GMT
Server: nginx
ETag: "5e650361-ffac"
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65452
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ubuntu-r.woff
zhovta.ua/fonts/ubuntu/ 46 KB
46 KB 170ms
85ms Font
font/woff 144.76.118.10
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zhovta.ua/fonts/ubuntu/ubuntu-r.woff
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.118.10 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: zhovta.com
Software: nginx /
Resource Hash: ceb4fbd7e9cfd6afbb7c05c6b95cf7003a851a2d2aec41444c6803219c034858

Request headers

Referer: https://zhovta.ua/css/builds/bb0285d65af2dea7ab100b91f300dd8211894707950.css
Origin: https://zhovta.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:14 GMT
Last-Modified: Fri, 22 Jul 2016 12:21:52 GMT
Server: nginx
ETag: "57920fe0-b7cc"
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47052
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 370ms
181ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c38fc26130ffe6948b78e92a64f33ae20bcb88466450ffcc56e85a00e85be43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:15 GMT
content-encoding: br
last-modified: Fri, 15 Jul 2022 13:30:34 GMT
etag: "62d141ca-dda2"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56738
expires: Sat, 23 Jul 2022 13:05:15 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 48ms
47ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=301483247&utmhn=zhovta.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&utmhid=1359150436&utmr=-&utmp=%2F&utmht=1658577914996&utmac=UA-4049280-1&utmcc=__utma%3D178520687.1101086480.1658577915.1658577915.1658577915.1%3B%2B__utmz%3D178520687.1658577915.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=930513750&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 48ms
47ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1359150436&t=pageview&_s=1&dl=https%3A%2F%2Fzhovta.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=178520687.1101086480.1658577915.1658577915.1658577915.1&_utmz=178520687.1658577915.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1658577915010&_u=IQBCAEABAAAAAC~&jid=1215639639&gjid=1294488558&cid=1101086480.1658577915&tid=UA-4049280-8&_gid=1995942914.1658577915&_r=1&_slc=1&z=1764659363

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zhovta.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zhovta.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 389836378102754 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/389836378102754?v=2.9.66&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

929c0a65ab6718c9a78a097f6b78f07168ff88ea1310cc7bd17c9f222dcb53a6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85785
x-xss-protection: 0
pragma: public
x-fb-debug: ftOQZO4QFeThVpIW0bj7O8xxM/CMTER8DAECfegfpi6qQcISUm2IiQYPkhRDUfkiJeQsKI6E8X1mlTJF5JhDHg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 23 Jul 2022 12:05:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl_2022071901.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
129 KB 145ms
42ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 07:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131527
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 08:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Jul 2023 07:19:31 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 62 B
701 B 151ms
49ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=zhovta.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

528be60b632807c7cbab0866c94d5eb88c3dc77bcf5fcb0dc81d0fbb798fc8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Jul 2022 12:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65
x-xss-protection: 0
expires: Sat, 23 Jul 2022 12:05:15 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 135ms
53ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAi-_pHLKSBnx_3mVWBzWwFaNMlnVeSn8I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://zhovta.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 132ms
42ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=389836378102754&ev=PageView&dl=https%3A%2F%2Fzhovta.ua%2F&rl=&if=false&ts=1658577915127&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1658577915126.332689627&it=1658577915018&coo=false&rqm=GET

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sat, 23 Jul 2022 12:05:15 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 140ms
50ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=zhovta.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Jul 2022 12:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 138ms
48ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zhovta.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Jul 2022 12:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 533 KB
97 KB 854ms
770ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2524363107011222&correlator=2432247580469814&eid=31068526%2C31068572%2C31068591%2C42531607&output=ldjh&gdfp_req=1&vrg=2022071901&ptt=17&impl=fifs&iu_parts=10471298%2Ctop%2Cright1%2Cright2%2Cbottom1%2Cbottom2%2Cbottom3%2Cbottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=970x90%7C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C970x90%7C728x90&ifi=1&adks=4124708693%2C2245009037%2C2147588136%2C1433280869%2C161556115%2C3656164445%2C1544126351&sfv=1-0-38&ecs=20220723&fsapi=false&cust_params=%25D0%25A1%25D0%25B0%25D0%25B9%25D1%2582%3DZhovta.UA%26%25D0%25A2%25D0%25B8%25D0%25BF%3D%25D0%2593%25D0%25BE%25D0%25BB%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B0&sc=1&cookie_enabled=1&abxe=1&dt=1658577915331&lmt=1658577915&dlt=1658577914584&idt=715&adxs=315%2C-9%2C-9%2C223%2C650%2C1077%2C315&adys=10%2C-9%2C-9%2C2287%2C2287%2C2287%2C2546&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fzhovta.ua%2F&frm=20&vis=1&psz=1280x20%7C0x-1%7C0x-1%7C426x-1%7C426x-1%7C426x-1%7C1066x-1&msz=1260x0%7C0x-1%7C0x-1%7C406x-1%7C406x-1%7C406x-1%7C1046x-1&fws=0%2C2%2C2%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1101086480.1658577915&ga_sid=1658577915&ga_hid=1359150436&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

54133850c78253161a6ca729e8c69e0ff6f46e7f7ca22f3632ce3fcc70c2adf8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COy78Zv8jvkCFY0W4AodXmEFlg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COy78Zv8jvkCFY0W4AodXmEFlg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1,-1,-1,-1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99355
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
date: Sat, 23 Jul 2022 12:05:16 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zhovta.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B3BE 6 KB
4 KB 164ms
47ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 12:05:15 GMT
expires: Sun, 23 Jul 2023 12:05:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/289152/
Redirect Chain

https://mc.yandex.ru/watch/289152?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4nvpvqabr08%3Afp%3A1132%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
https://mc.yandex.ru/watch/289152/1?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4nvpvqabr08%3Afp%3A1132%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...

338 B
420 B

97ms
97ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/289152/1?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4nvpvqabr08%3Afp%3A1132%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1218412511083%3Ahid%3A218643285%3Az%3A0%3Ai%3A20220723120515%3Aet%3A1658577915%3Ac%3A1%3Arn%3A429457783%3Arqn%3A1%3Au%3A1658577915275772298%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658577913700%3Ads%3A0%2C88%2C359%2C2%2C431%2C0%2C%2C327%2C20%2C%2C%2C%2C1207%3Aco%3A0%3Arqnl%3A1%3Ast%3A1658577915%3At%3A%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0663c2a0d8e231062e68a7126e357d0cc8fc893411b4bb215982a20370d27aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:15 GMT
x-content-type-options: nosniff
last-modified: Sat, 23-Jul-2022 12:05:15 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://zhovta.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Sat, 23-Jul-2022 12:05:15 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:15 GMT
last-modified: Sat, 23-Jul-2022 12:05:15 GMT
location: /watch/289152/1?wmode=7&page-url=https%3A%2F%2Fzhovta.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2xjocdbdc4nvpvqabr08%3Afp%3A1132%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1218412511083%3Ahid%3A218643285%3Az%3A0%3Ai%3A20220723120515%3Aet%3A1658577915%3Ac%3A1%3Arn%3A429457783%3Arqn%3A1%3Au%3A1658577915275772298%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658577913700%3Ads%3A0%2C88%2C359%2C2%2C431%2C0%2C%2C327%2C20%2C%2C%2C%2C1207%3Aco%3A0%3Arqnl%3A1%3Ast%3A1658577915%3At%3A%D0%94%D0%BE%D1%88%D0%BA%D0%B0%20%D0%B1%D0%B5%D0%B7%D0%BA%D0%BE%D1%88%D1%82%D0%BE%D0%B2%D0%BD%D0%B8%D1%85%20%D0%BE%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D1%8C%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20Zhovta.ua&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://zhovta.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 23-Jul-2022 12:05:15 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
111 B 90ms
90ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:15 GMT
last-modified: Fri, 15 Jul 2022 13:30:34 GMT
etag: "62d141ca-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 23 Jul 2022 13:05:15 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 157ms
62ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21e935e0e65d892214a7d1136b305c42c9c81182c63c9e26a1af37edf4da436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Jul 2022 12:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10917
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7F65 0
18 B 83ms
40ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://zhovta.ua
Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://zhovta.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 12:05:15 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 147ms
52ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 12:05:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE22 13 KB
5 KB 133ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 11:11:31 GMT
expires: Sun, 23 Jul 2023 11:11:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FFF0 783 B
1 KB 149ms
51ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ae7aeb0d4690f0fd8b37ea623294d29345482407e6153dcea0fbae3204fe8236

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UDFWviLOjXnt0g4W3NohBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-UDFWviLOjXnt0g4W3NohBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 12:05:15 GMT
expires: Sat, 23 Jul 2022 12:05:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FFF0 0
0 160ms
76ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071901&jk=2524363107011222&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame DE22 36 KB
14 KB 123ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 12:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 12:14:38 GMT

GET
H3 200 container.html Show response
08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0FED 6 KB
3 KB 133ms
53ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 12:05:15 GMT
expires: Sun, 23 Jul 2023 12:05:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FCAC 6 KB
3 KB 78ms
43ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 12:05:15 GMT
expires: Sun, 23 Jul 2023 12:05:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 84AF 6 KB
3 KB 80ms
50ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 12:05:15 GMT
expires: Sun, 23 Jul 2023 12:05:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3EE1 6 KB
3 KB 71ms
47ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 12:05:15 GMT
expires: Sun, 23 Jul 2023 12:05:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 34C1 6 KB
3 KB 71ms
52ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zhovta.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 12:05:15 GMT
expires: Sun, 23 Jul 2023 12:05:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DE22 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?00-Biw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame FCAC 4 KB
1 KB 160ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Jul 2022 11:30:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Jul 2022 12:05:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Jul 2022 12:05:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame FCAC 2 KB
902 B 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:25:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FCAC 0
0 93ms
93ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf1GO--PbYqnSHo2tgAfewpWwCe7OhMlqhZLbm5sMoIeA7JACEAEguNv1EmC7hoCA0AqgAbC6odcDyAEJqQJcLBabbCKxPuACAKgDAcgDywSqBN4BT9CTQLj_GII4QAOuB4uOmKNa5fEG8RCTgikK02UuIXimfoRar2oQqxn3litmgyqF2eiwClvqilWgZDOf96jEA7rg_FOAJfKcuSWkBUTYs5NI8w0z4vaND7Bada2JW9LJ9P48l2NATgdObSKyFgLJFAD4et9mlhZYLLMjiUYZNsTD85yzwqkF6FnQv2xuMdr3aT6IcUjWxZqT4Y2YVCDZFqKR8gDenoMseTS4onJ9zMte5HitD0yThMmESS0Uh52J1AbhTSopZjGwGjzzzuXI4MDa5AmCU2pY8aEO4rOIwATuzo_XmgPgBAGSBQQIBBgBkgUECAUYBKAGLoAH5-HQYqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD8wAHSCBIIiOGAEBABGB0yA6qCAToCgECACgHICwHYEwyIFAPQFQGAFwGyFx4KHAgAEhRwdWItNDIwMDg2Nzc0OTYyNTc2OBiq4xA&sigh=FmMpWrWt3wk&uach_m=[UACH]&template_id=494
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame FCAC 21 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:59:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame FCAC 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:49:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:49:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCAC 138 KB
42 KB 169ms
80ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 12:05:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame FCAC 17 KB
7 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:19:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FCAC 0
0 149ms
48ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmgp9XM-eeVyQJ-tpCJJDw1qyNHp9qIpEafCbC42TJBpnOcZo4F9tyP944fjjrs8Xq9fieygGvWFS6swnn9lZ6g-Bysg
Requested by: Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame FCAC 30 KB
13 KB 145ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 06:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:21:57 GMT

GET
DATA 200
OK truncated
/ Frame FCAC 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

10091498889470987024
tpc.googlesyndication.com/simgad/ Frame FCAC
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrsduo9wEQgAgYgAgyCAQJsjsVqInY
https://tpc.googlesyndication.com/simgad/10091498889470987024

8 KB
8 KB

48ms
48ms

Image
image/png

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10091498889470987024

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 20:30:26 GMT
x-content-type-options: nosniff
age: 228890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8502
x-xss-protection: 0
last-modified: Wed, 20 Mar 2019 13:48:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jul 2023 20:30:26 GMT

Redirect headers

date: Fri, 22 Jul 2022 19:18:42 GMT
x-content-type-options: nosniff
server: cafe
age: 60394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/10091498889470987024
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Aug 2022 19:18:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3EE1 4 KB
694 B 140ms
56ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Jul 2022 11:38:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Jul 2022 12:05:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Jul 2022 12:05:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 3EE1 2 KB
902 B 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:25:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3EE1 0
0 85ms
84ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSum7--PbYqvSHo2tgAfewpWwCZSK2LRq5ZXbm5sMrZjQzYAHEAEguNv1EmC7hoCA0AqgAbC6odcDyAEJqQJcLBabbCKxPuACAKgDAcgDywSqBN4BT9CWHAfw3q46Q6pYX3FIEG65lw0JeY4F_ONpflW8QokksmPeeTHOPJgrz0WMp_fpnNCZRM3ERNjxTw75DOfq8B1MwigwoOmCIEFvW2nb-WLrvElhK6y9qeeFRHTThEsj173TcWYzack8llGiZj5L6BA9qiHP_Q3fqHVmEra0NZbn0hI6SD1-QRGZ2-FelknVYPAIeqUa4Qfl6kWxwQcXVXTungIk250RFSYqGk7e534cEgc49Er5wwoOtiqQecCLtTUPE5RTuDEwNfkDPnK5ftzpk3kp0ipAKMnbbX7uwASCo-b0mwPgBAGSBQQIBBgBkgUECAUYBKAGLoAH5-HQYqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHAxCtQNIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKAcgLAdgTDIgUBdAVAYAXAbIXHgocCAASFHB1Yi00MjAwODY3NzQ5NjI1NzY4GKrjEA&sigh=lE97YjkQcX8&uach_m=[UACH]&template_id=494
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 3EE1 21 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:59:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 3EE1 3 KB
1 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:49:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:49:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3EE1 138 KB
42 KB 124ms
60ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 12:05:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 3EE1 17 KB
7 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:19:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3EE1 0
0 126ms
49ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpDntpD6L4twA3vdufuPW878Qyvb6OTpqFWNq13NwFcFqkNQB-MX4v6Ca5tbVYhyR4JSxS9TdqVASAbqzD3ZezvkC3-Q
Requested by: Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame 3EE1 30 KB
13 KB 128ms
47ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 06:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:21:57 GMT

GET
H2 404 abg_lite_fy2021.js
s0.2mdn.net/pagead/js/r20220721/r20110914/ Frame 84AF 0
0 194ms
43ms Script
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:58:20 GMT
x-content-type-options: nosniff
server: sffe
age: 416
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 23 Jul 2022 12:13:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 84AF 8 KB
789 B 135ms
57ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Jul 2022 10:18:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Jul 2022 12:05:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Jul 2022 12:05:16 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/ Frame 84AF 14 KB
3 KB 141ms
38ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.css

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 12:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 10:40:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 12:49:18 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/ Frame 84AF 354 KB
123 KB 142ms
39ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd0fc1a1e24ea9d6276ed56bab380d668444c7897550335fa11f43845baac20d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 12:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125543
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 10:40:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 12:49:18 GMT

GET
H2 404 qs_click_protection_fy2021.js
s0.2mdn.net/pagead/js/r20220721/r20110914/client/ Frame 84AF 0
0 191ms
41ms Script
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:55:14 GMT
x-content-type-options: nosniff
server: sffe
age: 602
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 23 Jul 2022 12:10:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 84AF 0
0 122ms
49ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSr9i07zMwGmsVf78WxYcSEApYUUF4TY5JgKw4n25H5sGOYHCuzXpLzycM_H47Vbkuh-ZXovaNtgDEKP4yigsJKx3BDA
Requested by: Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 34C1 84 KB
29 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 16:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:37:59 GMT

GET
DATA 200
OK truncated
/ Frame 3EE1 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

10091498889470987024
tpc.googlesyndication.com/simgad/ Frame 3EE1
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrsduo9wEQgAgYgAgyCAQJsjsVqInY
https://tpc.googlesyndication.com/simgad/10091498889470987024

8 KB
8 KB

40ms
39ms

Image
image/png

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10091498889470987024

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 20:30:26 GMT
x-content-type-options: nosniff
age: 228890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8502
x-xss-protection: 0
last-modified: Wed, 20 Mar 2019 13:48:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jul 2023 20:30:26 GMT

Redirect headers

date: Fri, 22 Jul 2022 19:18:42 GMT
x-content-type-options: nosniff
server: cafe
age: 60394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/10091498889470987024
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Aug 2022 19:18:42 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D889 624 B
974 B 148ms
52ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNUVgdjn-IBy19mmeVMCadQQe7zRZ51Dcqm68A0j2mQvqkun4XIHX5WfNMOh33W-5QipnO9C0T2QgItHZhBVdEkM3BPy67zLtwdk2QF6B8C-ncDURSK4MHUKCdS4vatOnKGYo0JhT9zCbU_yaOuibAWzkwYobF0Rb2M7XQSuhfGR_PNRVrU

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 12:05:16 GMT
expires: Sat, 23 Jul 2022 12:05:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0FED 64 KB
31 KB 166ms
72ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5ZfYJkt8VesgadxknoRE3xBFlioCeoacSRxTAntc-EKQIP4efQvJg1x9TF1T9iAzspcdG1_rA0IwLI8Vk3TCAEAGjgQ&cry=1&dbm_d=AKAmf-Bdz5YwMNvI96vfpg8eM5QANEfi-1lmIs-bpq78MGbBi6nMYFhYS5zk_5ZbDWiLwXMAqy7VurnI9Fh1MGUvhCNRghhYWk4fI_BguetmZEoQnz9k9A4IW9fePIGAfR54dYZfTKt73xCh_7UctciDLNsPAHKZc2GK6AYj5pGHnQGBrC1DTm11d8pBaKbzrMpZiVgs0CF8NO9TWB8wbjh6hduDUhUXnNFUMF02mROnerflmjPvmtFSyBZTD0CVO4RjE3FR9u0BBerIflMMtaUpY4S8nQ0-0u3mv8h1PethKdd4ia3y7_YKssllf23Upzvhx2NIfxy5YNotvRD5_1qulG1FLmiq5O13oDQeadpXgiN-8TDs3YCA61y3Y8HtuWyWmuGwf2f42N85foFC-4V72GsH4Nt9nX7t4cdhZsHOA-_pF5-c80SpAFYg4oobeVlHe-i3hjkcodggaXqMErFQeUJNe5RVPIrfdnoLYziI4QWlPOrmbM8k99bHFBx7PTT4CuyFX2lNbNsmVuImpat982opATCvnHf2g_iiKaIyqjtAZaFQ9FHCb7sIeFcoT4Tvg4plIq2QvwgL2Ih32UvQHSADjN3Zz8mNuG-EyDmj1VJAnVaM-foOrTAdrbw4CD1gxyRd12KtVEpWph65ymniQlqAOdCLxT1Xpnq3mwl-vqgKfOgdNBQbvHYpg0_V-2MJXv1KgPHZMDV2i7BZ8lyi46rU_LX127jW41ibVKpQWxvbUeFG1SXbaJpM5qDoDhacvbgTO2buOuUnKsIKvMg8MEPRZPZekIRz6BMC1pDRyWNcDkFu-eugtFRrWZaBqagTDoS1hwLFBJpMoXlACQHOG5_aRH8InySLq-P4l060pckKH-rv1rPwmgqqsY9kGULqI55o5K1i9wLIhXVSGucJKD586CpSbAD4oFI08NhNRqkYDdaOHpktpbIgqGnIZmCmCzNchrj9ke3_NOfWiNxAyiiPud1fC36E7-7iJXdfBlbtvwONZrjQ3-3Z4JpJJBbzjKO9ZDrOzZrQ6rm9TkbCBlxphIrGdHzJ-UFLHuBLHuKVS8VGoICkym4E3ORGy9GHsYReprXs1shYYSKTPR-Yrssa0aiFOTrkJ7qKIkgOg7ZTujkTUmx_5sc1U0_VZrOqIpyri2g8feVsEFGumL55YM-CZYqjtp3cIFBal9J-O9Ji7t5rmu431Xcs6LZXwffzDBRBxl_EL84oHtFDzuTQqrI7E6uYy5E2LYRZTuWcPGzWcuz05gy4f65hPRiXIDS-h7xZewowyUrQpdKzIAjJgZKPE4VVhUt-qYDNungZ3KxrZfZsC5cntJgG7ZSH5gOnnM9lwo1FtosxjKpIBK67x3CjK12hg_DOi70mgdF8xASEly1D-GSALuvhnVLodQtggVCgKXIgOyHBS7Y75g64oDJyJcQvAjxaotXmQTyo-3UxxFJrOXxmuAmhLhLYsW2ITXAXGYg--TMzfPHf0TbjrsKUxHw3geVmtrQYOSyiBz8D0CvH4i0lCZbbOLlmgagss2ybkADDOskIDMy_knG5AC3T27bXZkfh7UsjlKv6RiJ0RqTUX5L04f4QSWbAG8aWBbKgzTscJlM10SMqVe9xpwdZ0wUmvtOlaaSTl-9WyIP31deqr7gry6OnEswvhFOPMXBjbfBlcpLPWVbEAbXRZedVo4Z28focvTfq9yES9-l_WcTn7L-Js_Vpgwb6bn-hO53hnSYOUbrsm6ELKCUXs-J0kebTOQwNwPZEMQWErwbXea4suY0C5ZKtMQcTDV2FcmOW4vYezS58rPzcmdwWzW7O2O43k_nbbPbebkya9efvuQX5rtH12cfcVFho0sXlB24rmYz4aJ11uGt6TSoevrNjmGU4jdLailby9okd02tp4_gbir__ri6R6c5sFLmSdLMDKLz4dLtYvF8W5ZeFMBvxrwdEJ5LO6462wNLLX2uJ4qwoqLOmdwmD-_dvzkyFBy-gWmluWRXuZ1NIYDoA3RIMwvxZXduUdjHiRfrS3KTQbGsNo93Xl6TaR3qa5tE5osFm2q9TjZpk7lsdKSN1PT9b80qtJyfK8XEs2ASmynKjxo_-6lqRxbHcu5D4mtOTDSfp-rxZuOl5qOj-LZo_21C5OhNEWKI6yJCKqyy4XSzwZaUb-J6zXgVIHdvQSnPA7MIfIPefLQgmEGH7YcfDnvTOnL-YDnU7yXIcAb8_yTuMy65O3LiCcxHBRyKkthIYIcagTH2icrRSsGH6RREQdlVVRqtOqCU4oLhWE1EoFxUctezmM2VuzkRp2klxZZv79nV-9P7y6aAl7zPC0ZpuVL_Qdn0LFEWg9TDMZy9Hz7r_h_bxxZQtbnhzessJ61_EifQX39QNV-ab4_oMB2HIVcYtQt0GYxE_pAj_dfUr3F8EJeRiHlsqFXvErS5YtaCsC8WKvP661eMb9R5U9buz4GpC0OHVi9PLnGRZPAI7D4gzCa63aJvyqVo7shFjuR0UWVNTvmmYRiLtyxHM7AdJ98eJbtBa05qTC2RZ6Vk9IWd7iUZ3Gjzo7maB-vZXAOp42l1AUDsXwm9-FuTpMwXLMkJj5_V4QeBXJVxga9WhpHzMvR62eCJRwLEw0R1pQH9BIC7xgSfaFDL3H8vMtS2jjRnux-C4x0bsrSheA8ZorhlX_sBiLIDDD9nbNNT1RONuaymUBfG4Wm93IF1QJ8u0diBizfe4Bm35wswreo5C1wpLoR7n59_SIFZmZxZxKXiepvtSoLx4s_Qbcswn-NtoiK8Oo--IhmCgfkL6Mfv0it2GXxJ1EpV0O9eIeuc9Mu8vVArOqHBDPv7Yzjy1ThVjSPpgu_tNmhFFo9zgFWYupX_uxHbdlmwyN_7zHsvZkY0T48Os1EgPfB63DAVRfJ7qn3B7zheg_6fbseNjF0SSD5Qp531qkdRmuQWRoUdihglAtrnz7J86ls4A8IpZBVYDqGVRlsU52QoZcdZtWcuOYTTVRxDIPpgZrqVNmWsQWBlWE_vuWS3-G13j7T5Tq4IvCmWBsAZ4doxB034rHeJkXWz99y28vlBE5xkKUfb1uaQfpiwdySyx_Cp2q-Gyth8P2c_Rc-IsRUQ-eLYO13azJwgVdcuVwCsD4mn2zaGDY-v9Da1042UD2pX_ncbMaTxwCewlDIaCUev9j3iv7OapOWEcyo2hS58Fo68jRWXh7CmVTwlQehtS&cid=CAASKORoIjhona0u3AKTZpQnoM2YvAo7jAEVFIXpTFhLYBBpO9zVTifmMUY&rfl=1%2Chttps%253A%252F%252Fzhovta.ua%252F%240

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93646a9bff7d190caf9fb605a23be641e96f8fe8dc95eb9cb3db32b336d14800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31758
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FED 42 B
63 B 77ms
77ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DzMwa0PlfYnJJPdW1RV9O9HtnpPNyn5WMsMouwJZTjeTnILwKXtLVB6wRqVK2wt1EAFQjPbXohLwIcmxrnO_WucRqgrsGUVzGKaVz3aYS6b8U7Qys

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 window_focus_fy2021.js
s0.2mdn.net/pagead/js/r20220721/r20110914/client/ Frame 0FED 0
0 183ms
42ms Script
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:55:16 GMT
x-content-type-options: nosniff
server: sffe
age: 600
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 23 Jul 2022 12:10:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FED 138 KB
42 KB 162ms
110ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 12:05:16 GMT

GET
H2 404 qs_click_protection_fy2021.js
s0.2mdn.net/pagead/js/r20220721/r20110914/client/ Frame 0FED 0
0 182ms
41ms Script
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:55:14 GMT
x-content-type-options: nosniff
server: sffe
age: 602
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 23 Jul 2022 12:10:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0FED 0
0 113ms
49ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSeyYkc-oX2b_njVZFcN1XLRvfJescd-9kj-1PyXdYPE8omztiQRwZgyGpMrcd5NZwqDxwOh4hKwtVGVrFOKvdzbNT3Mw
Requested by: Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 4314821810160217524_18213550066902727067.jpeg
static.doubleclick.net/dynamic/5/206838720/ Frame 34C1 270 KB
270 KB 177ms
87ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/206838720/4314821810160217524_18213550066902727067.jpeg

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de75f74c16ee260673a91f8253b007a4d454690220b5ed46379dd071518ea753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 10:48:24 GMT
x-content-type-options: nosniff
age: 91012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 276542
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 06:25:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 10:48:24 GMT

GET
H2 200 9029483738363657104_9664973358794916640.jpeg
static.doubleclick.net/dynamic/5/206838720/ Frame 34C1 181 KB
181 KB 203ms
114ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/206838720/9029483738363657104_9664973358794916640.jpeg

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b738e5021ff4263f6ed6f5e4dd01752156ec2b96f90fa6de52ff852c973271a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 12:39:42 GMT
x-content-type-options: nosniff
age: 84334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 184857
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 06:26:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 12:39:42 GMT

GET
H2 200 11976299204629680789_2167638538857903488.jpeg
static.doubleclick.net/dynamic/5/206838720/ Frame 34C1 257 KB
258 KB 133ms
44ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/206838720/11976299204629680789_2167638538857903488.jpeg

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be366375b7a163d5ff67e54c96e751bfbd9315dde9bd76dce127d62529b81aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:13:21 GMT
x-content-type-options: nosniff
age: 78715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 263599
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 06:25:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 14:13:21 GMT

GET
H3 200 10091498889470987024
tpc.googlesyndication.com/simgad/ Frame 34C1 8 KB
8 KB 40ms
39ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10091498889470987024

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 20:30:26 GMT
x-content-type-options: nosniff
age: 228890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8502
x-xss-protection: 0
last-modified: Wed, 20 Mar 2019 13:48:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jul 2023 20:30:26 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 34C1 0
0 85ms
85ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Coefr--PbYqzSHo2tgAfewpWwCe7OhMlqhZLbm5sMoIeA7JACEAEguNv1EmC7hoCA0AqgAbC6odcDyAEJqQJcLBabbCKxPuACAKgDAcgDywSqBNkBT9CuLXI2xHKRFeF2RUdQmJ-gM3rAVO7gOTrbSz4Y7vsyEULM6r1EkL5ci5-jUtnGq893eE0boUvVna5WVf6pjZ1S5yrrgP8RYCAXZobz6lmDHWv5w3-dVTVqVQ1uLHtg_qQODfAG2Bgw7ZsvXpEFyvhZIGDrOVjvzt9cq1s-s8AAx3lTOiQgGONf1RkhNSdtx0y-2O4q1MwOiw0Iyp9BsZ_FU0a-NBEdpdM8RYPuyIlsN4u9TE2gsNQk9GF7ngMxJQ1HxeJkFkAxV-1iZyxntZqmSPCk9-GoqcAE7s6P15oD4AQBkgUECAQYAZIFBAgFGASgBi6AB-fh0GKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ2L8C0ggSCIjhgBAQARgdMgOqggE6AoBAgAoByAsB2BMMiBQD0BUBgBcBshceChwIABIUcHViLTQyMDA4Njc3NDk2MjU3NjgYquMQ&sigh=e46X1nz-xuk&uach_m=[UACH]&template_id=494
Requested by: Host: zhovta.ua
URL: https://zhovta.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 34C1 21 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:59:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5488 143 B
163 B 123ms
40ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 23 Jul 2022 11:39:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 34C1 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:49:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:49:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34C1 138 KB
42 KB 174ms
173ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 12:05:16 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D889
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFzksxODzeW1s0j-SryEiA&google_cver=1

43 B
912 B

115ms
77ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFzksxODzeW1s0j-SryEiA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNUVgdjn-IBy19mmeVMCadQQe7zRZ51Dcqm68A0j2mQvqkun4XIHX5WfNMOh33W-5QipnO9C0T2QgItHZhBVdEkM3BPy67zLtwdk2QF6B8C-ncDURSK4MHUKCdS4vatOnKGYo0JhT9zCbU_yaOuibAWzkwYobF0Rb2M7XQSuhfGR_PNRVrU
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72f4488c5d4506cd-LHR
pragma: no-cache
date: Sat, 23 Jul 2022 12:05:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGZkK%2FHfX9F3L6C5ns1v%2BfJ%2FSX0iVQCncl7DlCOJGTGQXVB5wvocOXrmNZSI0ycfl5QY2o%2BXD9jI%2BUkqtEh6OiIaYFmmPEgWgTfeScREKP2pV4tcJ%2FbMjFnaLAGdkrt4MNpEmFcfjtFopQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFzksxODzeW1s0j-SryEiA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D889
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ytvj-MqVhHapez8AaZ.txgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENONE2unfO75tghr8XBwIDc&google_cver=1&google_hm=2

43 B
908 B

63ms
63ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENONE2unfO75tghr8XBwIDc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNUVgdjn-IBy19mmeVMCadQQe7zRZ51Dcqm68A0j2mQvqkun4XIHX5WfNMOh33W-5QipnO9C0T2QgItHZhBVdEkM3BPy67zLtwdk2QF6B8C-ncDURSK4MHUKCdS4vatOnKGYo0JhT9zCbU_yaOuibAWzkwYobF0Rb2M7XQSuhfGR_PNRVrU
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72f4488d7f3106cd-LHR
pragma: no-cache
date: Sat, 23 Jul 2022 12:05:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEqV7AaYHO%2FQ2fn0hvEEi8Ojo9t29T8GALt9KDeYKgovP3gu7eWjtDsLeNzhqU2kFDsdgWlk7VyLRYY%2BBSicWRT97vnXHlU05usZRFyzFa7E5QSsGWhrSOZ4ZVqrWYg1HOziSYqm7q8dzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENONE2unfO75tghr8XBwIDc&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D889
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIEaEbduC4LcZWHy5LUTCfs&google_cver=1

43 B
1020 B

42ms
34ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIEaEbduC4LcZWHy5LUTCfs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbsERDvjosCGLDprsQBMAE&v=APEucNUVgdjn-IBy19mmeVMCadQQe7zRZ51Dcqm68A0j2mQvqkun4XIHX5WfNMOh33W-5QipnO9C0T2QgItHZhBVdEkM3BPy67zLtwdk2QF6B8C-ncDURSK4MHUKCdS4vatOnKGYo0JhT9zCbU_yaOuibAWzkwYobF0Rb2M7XQSuhfGR_PNRVrU

Protocol

HTTP/1.1

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Jul 2022 12:05:16 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b38a45dd-1b49-475c-936d-21ce5afacd5a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIEaEbduC4LcZWHy5LUTCfs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D889
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MjM2NTc4OTI5NjU3Nzc1MQ%3D%3D

170 B
188 B

129ms
49ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MjM2NTc4OTI5NjU3Nzc1MQ%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Jul 2022 12:05:16 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8453e2ec-43be-466c-aac8-5da81aacd04f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MjM2NTc4OTI5NjU3Nzc1MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 0FED 27 KB
10 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5ZfYJkt8VesgadxknoRE3xBFlioCeoacSRxTAntc-EKQIP4efQvJg1x9TF1T9iAzspcdG1_rA0IwLI8Vk3TCAEAGjgQ&cry=1&dbm_d=AKAmf-Bdz5YwMNvI96vfpg8eM5QANEfi-1lmIs-bpq78MGbBi6nMYFhYS5zk_5ZbDWiLwXMAqy7VurnI9Fh1MGUvhCNRghhYWk4fI_BguetmZEoQnz9k9A4IW9fePIGAfR54dYZfTKt73xCh_7UctciDLNsPAHKZc2GK6AYj5pGHnQGBrC1DTm11d8pBaKbzrMpZiVgs0CF8NO9TWB8wbjh6hduDUhUXnNFUMF02mROnerflmjPvmtFSyBZTD0CVO4RjE3FR9u0BBerIflMMtaUpY4S8nQ0-0u3mv8h1PethKdd4ia3y7_YKssllf23Upzvhx2NIfxy5YNotvRD5_1qulG1FLmiq5O13oDQeadpXgiN-8TDs3YCA61y3Y8HtuWyWmuGwf2f42N85foFC-4V72GsH4Nt9nX7t4cdhZsHOA-_pF5-c80SpAFYg4oobeVlHe-i3hjkcodggaXqMErFQeUJNe5RVPIrfdnoLYziI4QWlPOrmbM8k99bHFBx7PTT4CuyFX2lNbNsmVuImpat982opATCvnHf2g_iiKaIyqjtAZaFQ9FHCb7sIeFcoT4Tvg4plIq2QvwgL2Ih32UvQHSADjN3Zz8mNuG-EyDmj1VJAnVaM-foOrTAdrbw4CD1gxyRd12KtVEpWph65ymniQlqAOdCLxT1Xpnq3mwl-vqgKfOgdNBQbvHYpg0_V-2MJXv1KgPHZMDV2i7BZ8lyi46rU_LX127jW41ibVKpQWxvbUeFG1SXbaJpM5qDoDhacvbgTO2buOuUnKsIKvMg8MEPRZPZekIRz6BMC1pDRyWNcDkFu-eugtFRrWZaBqagTDoS1hwLFBJpMoXlACQHOG5_aRH8InySLq-P4l060pckKH-rv1rPwmgqqsY9kGULqI55o5K1i9wLIhXVSGucJKD586CpSbAD4oFI08NhNRqkYDdaOHpktpbIgqGnIZmCmCzNchrj9ke3_NOfWiNxAyiiPud1fC36E7-7iJXdfBlbtvwONZrjQ3-3Z4JpJJBbzjKO9ZDrOzZrQ6rm9TkbCBlxphIrGdHzJ-UFLHuBLHuKVS8VGoICkym4E3ORGy9GHsYReprXs1shYYSKTPR-Yrssa0aiFOTrkJ7qKIkgOg7ZTujkTUmx_5sc1U0_VZrOqIpyri2g8feVsEFGumL55YM-CZYqjtp3cIFBal9J-O9Ji7t5rmu431Xcs6LZXwffzDBRBxl_EL84oHtFDzuTQqrI7E6uYy5E2LYRZTuWcPGzWcuz05gy4f65hPRiXIDS-h7xZewowyUrQpdKzIAjJgZKPE4VVhUt-qYDNungZ3KxrZfZsC5cntJgG7ZSH5gOnnM9lwo1FtosxjKpIBK67x3CjK12hg_DOi70mgdF8xASEly1D-GSALuvhnVLodQtggVCgKXIgOyHBS7Y75g64oDJyJcQvAjxaotXmQTyo-3UxxFJrOXxmuAmhLhLYsW2ITXAXGYg--TMzfPHf0TbjrsKUxHw3geVmtrQYOSyiBz8D0CvH4i0lCZbbOLlmgagss2ybkADDOskIDMy_knG5AC3T27bXZkfh7UsjlKv6RiJ0RqTUX5L04f4QSWbAG8aWBbKgzTscJlM10SMqVe9xpwdZ0wUmvtOlaaSTl-9WyIP31deqr7gry6OnEswvhFOPMXBjbfBlcpLPWVbEAbXRZedVo4Z28focvTfq9yES9-l_WcTn7L-Js_Vpgwb6bn-hO53hnSYOUbrsm6ELKCUXs-J0kebTOQwNwPZEMQWErwbXea4suY0C5ZKtMQcTDV2FcmOW4vYezS58rPzcmdwWzW7O2O43k_nbbPbebkya9efvuQX5rtH12cfcVFho0sXlB24rmYz4aJ11uGt6TSoevrNjmGU4jdLailby9okd02tp4_gbir__ri6R6c5sFLmSdLMDKLz4dLtYvF8W5ZeFMBvxrwdEJ5LO6462wNLLX2uJ4qwoqLOmdwmD-_dvzkyFBy-gWmluWRXuZ1NIYDoA3RIMwvxZXduUdjHiRfrS3KTQbGsNo93Xl6TaR3qa5tE5osFm2q9TjZpk7lsdKSN1PT9b80qtJyfK8XEs2ASmynKjxo_-6lqRxbHcu5D4mtOTDSfp-rxZuOl5qOj-LZo_21C5OhNEWKI6yJCKqyy4XSzwZaUb-J6zXgVIHdvQSnPA7MIfIPefLQgmEGH7YcfDnvTOnL-YDnU7yXIcAb8_yTuMy65O3LiCcxHBRyKkthIYIcagTH2icrRSsGH6RREQdlVVRqtOqCU4oLhWE1EoFxUctezmM2VuzkRp2klxZZv79nV-9P7y6aAl7zPC0ZpuVL_Qdn0LFEWg9TDMZy9Hz7r_h_bxxZQtbnhzessJ61_EifQX39QNV-ab4_oMB2HIVcYtQt0GYxE_pAj_dfUr3F8EJeRiHlsqFXvErS5YtaCsC8WKvP661eMb9R5U9buz4GpC0OHVi9PLnGRZPAI7D4gzCa63aJvyqVo7shFjuR0UWVNTvmmYRiLtyxHM7AdJ98eJbtBa05qTC2RZ6Vk9IWd7iUZ3Gjzo7maB-vZXAOp42l1AUDsXwm9-FuTpMwXLMkJj5_V4QeBXJVxga9WhpHzMvR62eCJRwLEw0R1pQH9BIC7xgSfaFDL3H8vMtS2jjRnux-C4x0bsrSheA8ZorhlX_sBiLIDDD9nbNNT1RONuaymUBfG4Wm93IF1QJ8u0diBizfe4Bm35wswreo5C1wpLoR7n59_SIFZmZxZxKXiepvtSoLx4s_Qbcswn-NtoiK8Oo--IhmCgfkL6Mfv0it2GXxJ1EpV0O9eIeuc9Mu8vVArOqHBDPv7Yzjy1ThVjSPpgu_tNmhFFo9zgFWYupX_uxHbdlmwyN_7zHsvZkY0T48Os1EgPfB63DAVRfJ7qn3B7zheg_6fbseNjF0SSD5Qp531qkdRmuQWRoUdihglAtrnz7J86ls4A8IpZBVYDqGVRlsU52QoZcdZtWcuOYTTVRxDIPpgZrqVNmWsQWBlWE_vuWS3-G13j7T5Tq4IvCmWBsAZ4doxB034rHeJkXWz99y28vlBE5xkKUfb1uaQfpiwdySyx_Cp2q-Gyth8P2c_Rc-IsRUQ-eLYO13azJwgVdcuVwCsD4mn2zaGDY-v9Da1042UD2pX_ncbMaTxwCewlDIaCUev9j3iv7OapOWEcyo2hS58Fo68jRWXh7CmVTwlQehtS&cid=CAASKORoIjhona0u3AKTZpQnoM2YvAo7jAEVFIXpTFhLYBBpO9zVTifmMUY&rfl=1%2Chttps%253A%252F%252Fzhovta.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10526
x-xss-protection: 0
server: cafe
etag: 4815257668744283084
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 12:01:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 0FED 8 KB
3 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 12:00:12 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0FED 0
622 B 231ms
87ms Ping
image/gif 216.58.208.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCMi_jse54QQUMM4i9mCb7l_SAyoLbsfN5IQx87htUZ2bvi-g4RJVsXV6cjahV8_SGeyEFoMVn3TqUS2m_C9WTGBPgBM-7U8xAAeGeK0wpOVA8CLDDBYvAehV3LPSVTxJhidusQBAPQYb33viMI8l2B5FWSGOUTSMRtEP4aMOeD4wVsm6iEZ3m9zg0tok7nxA-uaMl1EqLU4VVk4SWfN3ztF-uKZeJhkc0P_tXsQB6mOJcdIVMqC3_zbsoW1bsbRZu_GlrpCUs3OMyHi1Mc3FPGkoI2lbhqolemuM1eDxHa-gngEvXt6eg7WsxuoARBROH8-fEODWeV_1TA_Q-MyruLrv3mPpOUWt5WYd-HP9YycqQwFAAl5bUa1UR9x0QP4IYFUOydEKvU6_LiptzzCMy24ZHaZRU9MlCMWYnG840M3-YmaSXpUnfQ6WFcYt7-XOtA3k1YLoD2HhdRZ84cUhTQmaGNHH1yqfNrgbSQ1BAo82t_jk519QhsavEgdOdLaDeAhu13Cc25n0RaE4ZtBnozyH2oPwdG_Lch_5ERdqm3NtPU_VEo1WH-o6jF7hFEFCLp3V7X1TZut1cG5eY1Z0oe6PcKyRX811oI3A1SHhWXVVbgzmGijNDmfLDxNYOztNyIBOJrG6lBBcDYiMRBfUWGsRfylYQtPkg3K4Vd9UQOVIVNeS6BZVcjx_tWHuKqjUC9nPTdLr-CrHLowRrCgZOXNZddhUK3jKmA1yraEC-yt03cpSnDFEyZr4OxyvqTK2lAMYxNaD4otTv6Dtiu73T4kA4HINKp8kHlsTo7ti50rGs40AQRdECI4FiIRmoKr22jWwg2z29NDu_jR6uWZJXEsgdtLjEg6XW1i0GYWze1-fyZgwr-XpEpvMQn0gfBE3V-FKxnzeKvwZDFzrRFB4EzOHspyuhzRmVTUwyh_C5u6o6x2dQqNv4k0WiBleWttT1k9GqPbWHq5jiAc7ENqbvj6vVfUnZDpQ01KK5NPJYtc_Fu-l272ARZ-CbwrpJv0hxyYZAKKJsFreAhEvWbNrundc5Pbt6fIBhA6E6nGKa3vfUDmOJLLtLXtryoxNViF5ZlnsZthsSGOG4A0nSiXd7ExPATkHpWz5ZYWOwdJpQspCKou2fsXNdv-Q6pYaW5CxlpY5t47pRb0XS09jCv_tKJbaCPazN8w7G-3YhxCm0KK08Wwx2I_5u_gQ&sai=AMfl-YRZb9dSJNj8luhXKbQ_Bkg4M5Q5FIHncXM4ySDAsqhxK1KVJH0AEck2zFTWXiatJUhR3s_m6ROuw9ctH9bepa0-CtookqPjvlhtA7XJ5G-BM5tG_TxL7moHmOYkZwdRxUzSP50kXoOiCPtmiVKQuwAwIdwk5q6dumV_A6ySNR_uR634yE9sGSsytsfRLkvBUzJiguzIfPysgKZ7CR3HnUNmHARVHck7yw&sig=Cg0ArKJSzNTYo5gsWakoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220721.10569&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

waw07s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 23 Jul 2022 12:05:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK tfav_adl_57.js Show response
j.adlooxtracking.com/ads/js/ Frame 0FED 64 KB
64 KB 157ms
69ms Script
application/javascript 5.135.142.37
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_57.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5ZfYJkt8VesgadxknoRE3xBFlioCeoacSRxTAntc-EKQIP4efQvJg1x9TF1T9iAzspcdG1_rA0IwLI8Vk3TCAEAGjgQ&cry=1&dbm_d=AKAmf-Bdz5YwMNvI96vfpg8eM5QANEfi-1lmIs-bpq78MGbBi6nMYFhYS5zk_5ZbDWiLwXMAqy7VurnI9Fh1MGUvhCNRghhYWk4fI_BguetmZEoQnz9k9A4IW9fePIGAfR54dYZfTKt73xCh_7UctciDLNsPAHKZc2GK6AYj5pGHnQGBrC1DTm11d8pBaKbzrMpZiVgs0CF8NO9TWB8wbjh6hduDUhUXnNFUMF02mROnerflmjPvmtFSyBZTD0CVO4RjE3FR9u0BBerIflMMtaUpY4S8nQ0-0u3mv8h1PethKdd4ia3y7_YKssllf23Upzvhx2NIfxy5YNotvRD5_1qulG1FLmiq5O13oDQeadpXgiN-8TDs3YCA61y3Y8HtuWyWmuGwf2f42N85foFC-4V72GsH4Nt9nX7t4cdhZsHOA-_pF5-c80SpAFYg4oobeVlHe-i3hjkcodggaXqMErFQeUJNe5RVPIrfdnoLYziI4QWlPOrmbM8k99bHFBx7PTT4CuyFX2lNbNsmVuImpat982opATCvnHf2g_iiKaIyqjtAZaFQ9FHCb7sIeFcoT4Tvg4plIq2QvwgL2Ih32UvQHSADjN3Zz8mNuG-EyDmj1VJAnVaM-foOrTAdrbw4CD1gxyRd12KtVEpWph65ymniQlqAOdCLxT1Xpnq3mwl-vqgKfOgdNBQbvHYpg0_V-2MJXv1KgPHZMDV2i7BZ8lyi46rU_LX127jW41ibVKpQWxvbUeFG1SXbaJpM5qDoDhacvbgTO2buOuUnKsIKvMg8MEPRZPZekIRz6BMC1pDRyWNcDkFu-eugtFRrWZaBqagTDoS1hwLFBJpMoXlACQHOG5_aRH8InySLq-P4l060pckKH-rv1rPwmgqqsY9kGULqI55o5K1i9wLIhXVSGucJKD586CpSbAD4oFI08NhNRqkYDdaOHpktpbIgqGnIZmCmCzNchrj9ke3_NOfWiNxAyiiPud1fC36E7-7iJXdfBlbtvwONZrjQ3-3Z4JpJJBbzjKO9ZDrOzZrQ6rm9TkbCBlxphIrGdHzJ-UFLHuBLHuKVS8VGoICkym4E3ORGy9GHsYReprXs1shYYSKTPR-Yrssa0aiFOTrkJ7qKIkgOg7ZTujkTUmx_5sc1U0_VZrOqIpyri2g8feVsEFGumL55YM-CZYqjtp3cIFBal9J-O9Ji7t5rmu431Xcs6LZXwffzDBRBxl_EL84oHtFDzuTQqrI7E6uYy5E2LYRZTuWcPGzWcuz05gy4f65hPRiXIDS-h7xZewowyUrQpdKzIAjJgZKPE4VVhUt-qYDNungZ3KxrZfZsC5cntJgG7ZSH5gOnnM9lwo1FtosxjKpIBK67x3CjK12hg_DOi70mgdF8xASEly1D-GSALuvhnVLodQtggVCgKXIgOyHBS7Y75g64oDJyJcQvAjxaotXmQTyo-3UxxFJrOXxmuAmhLhLYsW2ITXAXGYg--TMzfPHf0TbjrsKUxHw3geVmtrQYOSyiBz8D0CvH4i0lCZbbOLlmgagss2ybkADDOskIDMy_knG5AC3T27bXZkfh7UsjlKv6RiJ0RqTUX5L04f4QSWbAG8aWBbKgzTscJlM10SMqVe9xpwdZ0wUmvtOlaaSTl-9WyIP31deqr7gry6OnEswvhFOPMXBjbfBlcpLPWVbEAbXRZedVo4Z28focvTfq9yES9-l_WcTn7L-Js_Vpgwb6bn-hO53hnSYOUbrsm6ELKCUXs-J0kebTOQwNwPZEMQWErwbXea4suY0C5ZKtMQcTDV2FcmOW4vYezS58rPzcmdwWzW7O2O43k_nbbPbebkya9efvuQX5rtH12cfcVFho0sXlB24rmYz4aJ11uGt6TSoevrNjmGU4jdLailby9okd02tp4_gbir__ri6R6c5sFLmSdLMDKLz4dLtYvF8W5ZeFMBvxrwdEJ5LO6462wNLLX2uJ4qwoqLOmdwmD-_dvzkyFBy-gWmluWRXuZ1NIYDoA3RIMwvxZXduUdjHiRfrS3KTQbGsNo93Xl6TaR3qa5tE5osFm2q9TjZpk7lsdKSN1PT9b80qtJyfK8XEs2ASmynKjxo_-6lqRxbHcu5D4mtOTDSfp-rxZuOl5qOj-LZo_21C5OhNEWKI6yJCKqyy4XSzwZaUb-J6zXgVIHdvQSnPA7MIfIPefLQgmEGH7YcfDnvTOnL-YDnU7yXIcAb8_yTuMy65O3LiCcxHBRyKkthIYIcagTH2icrRSsGH6RREQdlVVRqtOqCU4oLhWE1EoFxUctezmM2VuzkRp2klxZZv79nV-9P7y6aAl7zPC0ZpuVL_Qdn0LFEWg9TDMZy9Hz7r_h_bxxZQtbnhzessJ61_EifQX39QNV-ab4_oMB2HIVcYtQt0GYxE_pAj_dfUr3F8EJeRiHlsqFXvErS5YtaCsC8WKvP661eMb9R5U9buz4GpC0OHVi9PLnGRZPAI7D4gzCa63aJvyqVo7shFjuR0UWVNTvmmYRiLtyxHM7AdJ98eJbtBa05qTC2RZ6Vk9IWd7iUZ3Gjzo7maB-vZXAOp42l1AUDsXwm9-FuTpMwXLMkJj5_V4QeBXJVxga9WhpHzMvR62eCJRwLEw0R1pQH9BIC7xgSfaFDL3H8vMtS2jjRnux-C4x0bsrSheA8ZorhlX_sBiLIDDD9nbNNT1RONuaymUBfG4Wm93IF1QJ8u0diBizfe4Bm35wswreo5C1wpLoR7n59_SIFZmZxZxKXiepvtSoLx4s_Qbcswn-NtoiK8Oo--IhmCgfkL6Mfv0it2GXxJ1EpV0O9eIeuc9Mu8vVArOqHBDPv7Yzjy1ThVjSPpgu_tNmhFFo9zgFWYupX_uxHbdlmwyN_7zHsvZkY0T48Os1EgPfB63DAVRfJ7qn3B7zheg_6fbseNjF0SSD5Qp531qkdRmuQWRoUdihglAtrnz7J86ls4A8IpZBVYDqGVRlsU52QoZcdZtWcuOYTTVRxDIPpgZrqVNmWsQWBlWE_vuWS3-G13j7T5Tq4IvCmWBsAZ4doxB034rHeJkXWz99y28vlBE5xkKUfb1uaQfpiwdySyx_Cp2q-Gyth8P2c_Rc-IsRUQ-eLYO13azJwgVdcuVwCsD4mn2zaGDY-v9Da1042UD2pX_ncbMaTxwCewlDIaCUev9j3iv7OapOWEcyo2hS58Fo68jRWXh7CmVTwlQehtS&cid=CAASKORoIjhona0u3AKTZpQnoM2YvAo7jAEVFIXpTFhLYBBpO9zVTifmMUY&rfl=1%2Chttps%253A%252F%252Fzhovta.ua%252F%240
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.135.142.37 Chasne-sur-Illet, France, ASN16276 (OVH, FR),
Reverse DNS: js05.adlooxtracking.com
Software: nginx/1.15.8 /
Resource Hash: d36253140224d3e65922719329cba306a98af2154419ee3b571399b1ddc0bdf9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 23 Jul 2022 12:05:16 GMT
Last-Modified: Tue, 14 Dec 2021 10:16:32 GMT
Server: nginx/1.15.8
ETag: "61b86f00-ffaa"
Content-Type: application/javascript
Cache-Control: no-cache, max-age=60
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65450

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0FED 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 09:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:41 GMT

GET
H3 200 1014031966750151554
s0.2mdn.net/simgad/ Frame 0FED 72 KB
72 KB 122ms
41ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1014031966750151554

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1e4efe7233fbb9a90348afd9731a677423fbb0195aa0d21f381cef00007250d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 09:31:07 GMT
x-content-type-options: nosniff
age: 268449
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74149
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 12:54:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 09:31:07 GMT

GET
DATA 200
OK truncated
/ Frame 3EE1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c2b3b5674fcbce2fe0cdcd8e34c0c35622561fca7824397ad8368f3ddb76d9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FCAC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2d9b035fe1400a65027bf819c95ebe7118f1d404dbdd53a1bbb2f45888e70d1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3EE1 16 KB
16 KB 143ms
54ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 428951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 12:56:05 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 84AF 0
327 B 121ms
40ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l5xugv23&c=4819967847465&slotId=2409983923732.5&qqid=COq78Zv8jvkCFY0W4AodXmEFlg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 84AF 9 KB
10 KB 154ms
84ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:36:30 GMT
x-content-type-options: nosniff
age: 404926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:36:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 84AF 15 KB
16 KB 107ms
43ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 406641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:07:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 84AF 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CQfhc--PbYqrSHo2tgAfewpWwCbrVm_dqmZzazaAQ9I2FngsQASC42_USYLuGgIDQCsgBBakCfmzwkIjkSj6oAwHIA5sEqgTnAU_QFW4yn6VnOZwr4VzRtR3nih3AVgrlADJh3M5H4Lieyug6FXEfh07oDuEXYmp1uCduOIUn3vB1aBPNO4GBZOwc0Xqjd_e5q01eiLdmn1JKBNl1kIRR0mwo5z9onLIJNZv0EC23iNUXh79ml-RaiRDcnsUSv5wJG2_ydYoFT7xegE8zzOAH2cLIX6GL0GG0EfOW2cFYz3jsHd0mcDjj8obQEZm_0sce8OXBIkQy0BagTxo0X9b65-naonT915AgV_-rdEPAPGH20Amr-bnT_9lCynndvlkeYOoBFpK4ivOF9_GpXjvpzsAEubyNsPsD4AQDkAYBoAZ5gAeLi7TYAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgHICwHgCwGADAGwE_ew3A_IE8HO6OAD0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1658577916776&ai=CQfhc--PbYqrSHo2tgAfewpWwCbrVm_dqmZzazaAQ9I2FngsQASC42_USYLuGgIDQCsgBBakCfmzwkIjkSj6oAwHIA5sEqgTnAU_QFW4yn6VnOZwr4VzRtR3nih3AVgrlADJh3M5H4Lieyug6FXEfh07oDuEXYmp1uCduOIUn3vB1aBPNO4GBZOwc0Xqjd_e5q01eiLdmn1JKBNl1kIRR0mwo5z9onLIJNZv0EC23iNUXh79ml-RaiRDcnsUSv5wJG2_ydYoFT7xegE8zzOAH2cLIX6GL0GG0EfOW2cFYz3jsHd0mcDjj8obQEZm_0sce8OXBIkQy0BagTxo0X9b65-naonT915AgV_-rdEPAPGH20Amr-bnT_9lCynndvlkeYOoBFpK4ivOF9_GpXjvpzsAEubyNsPsD4AQDkAYBoAZ5gAeLi7TYAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBIIiOGAEBABGB0yA6qCAToCgECACgHICwHgCwGADAGwE_ew3A_IE8HO6OAD0BMA2BMKiBQC2BQB0BUB-BYBgBcB

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 84AF 23 KB
15 KB 165ms
66ms XHR
text/xml 66.102.1.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CfILXE1EzyIX52hWaE2JqwJGVIT0--psbTAeHT2AeyjrWoiVlEfek6Dn0nd8AnZfZ8aUcaYmKvrrMtciA30Q2XgTG2OA&cry=1&dbm_d=AKAmf-Dba6eVq2bp1SNmq90GEF4UOv78kbRkPDlb9rRbflz5QtwdxXfOynemMuKfd5tRkpHgnkhtZUsWSWrA3VsTD0-U8CfzvZ1eEyaYwo5IM65CqEJaWTaAbcF23inloOlp8om6yJhxgO90qRJhMeSA2G8MTl1MILm97jltcZV_YuyRUYYeanoBoLKZ-AjDTexlXqY3DR8ofq_v3q5Ad9UXYOerzKO_QGOeUlYO6GhTdY7F8hgldw6wZloy0Ro455xd_W7qsg8Gjm9zOQMeDJ3k4vaM6N3iDmmgwyPt1mMrlLk7wmFJ3vN49CEGkeEh3oRurW0Tn2cGRFWVj8EVAeF5VKNP0wWvSJyg3wPUDZ2CYzdvE2q1SmV8-QRvDBN-G5fRUpWp2bvj8z8XzqeSq44eVFMOtQcLDiae2qUTQvysDRR03vNIYLWV6OXn-eqqYhbROjBtX_zknoqMBq4wjXRH2UYMupmJRS8_A3aDk85a1C_0f5B7DkYKwvX4J22ZUdIigWA7RfQDqcxFydUczaFvwhY_2gbb6twif7zyBkP_ApMwF_MBAQJ2lqQyPcw2nId6VkFMx6cLnkEc3wZBI_3PH2GGb9MdYaoXQvDcgWZ1gmWVOJP1RJVq9linYH7rpniyLNCfS2VlYl5v_dVOeA6uerUmAAzTz4IatPMlvlRFbG320S4a1PF-RjvsK4UDJ8odxvfop7yCEY9H_pp9zCQBhrh_N9biolEznTAphWmUBoWeTxPNah_yu0a-_FxcnhprfbPf3zMOFZwrkeC6jVhgNCfa7OBwPb-dXtvVVPN6SPv_1L8qi9G_tsObsFk4A8V0AwYf54qoK3GvawhuoEKRAhtuqD7bsEXJLHyee8taJ0oUepEp3km7MSoLmg67S3zzP2WPpJvinIdm9gyMc5vOOB7o9saN6fOeoSMa-YuZi02D_NsNAk7GrD9rWl7nig8N_w25OiOO7ZnHU-N85NKeHxJnMGduWwV-WTt4jFKoRyjK18sEefNvtjjjj5boh1LWlDvhFYmL6CT2yLc-Q8ldTJKw74jcWVcb57rIoD7GYSxId9Z6LLHu5dSxFl3euOv84XCCtjH3D-bPu1Z9PbBvFACV6BAUB7ewTWYvCJcAiSprM1vsdBAjTkXJK9HrAjdQW55x84w863naKabTXdfRHfXLGMAkpJJMuqbXqs8FQB_CxQ9zmL1WrsXLdmoDd07SQu0UPfoYby21kpHGAP0hr0PQdtR_iVL28Q94PbinEsl8RQ_YnKybEF2rvERemVtRVPZEO9ZsDkb_xqY4SD7aIKG9FrvYE90cBx4Rd3EJLfVxSRoy5ha6vzQVkX3CEMZGNE56UbDiSDvqFA5XBw-BKT36WGp-p-jSh52y3SnxrgRxvWU1KNbJFyUSfSrI-eRm8yCp_pzFx3U5-aKoyonMHJZ09BvD3Glbk2jnh2_tXl6uF2f8H3LEgmjjQaXkAIXvo4lWXSifqkCEdyakFQWWh3TcMVuQzq2bd_7LBpfbEFpTyALshvuuUHIKp1_DiEujOGRWLoB0lv6q4iuJ_zaak2fChJd-5FXAanU9ecGFw6LyQQy_PP0--Z-rxJukMqp0OWke5lX07FVqmFeGqQIvufQgcaq7wol0eUNZdyJm8yU9EMn8hrZNvw5GdNhSDYJ2mlcuz183Ojl2kpbeW00zUigYW83D7H0wnyxVV52sGE8sd1DPGEMDmsNrHoQepYK-DDihgGHCqu0nd-bFC8S-L1r7Sop6WCdcVzC2a-ZIZ-SU-Sj8U4nB33HtMkKz1o8cbnF4GGDGQZk5nqbk8xnM3Lh0M9hhZTmp9tp9KPMSRZOLLgqNmlYfRrsXb2-RdBhaVVJq2GNORlRZtl3VC87mu8KC80QNGs4Mb7KL2N3qfM3L-9hfM80NC2CTDWO6H8MfgJ_Up5PA5Gxi51CWpcWo7cUIbu7t-FXYTeeHuzhJJg1EMMiAex0FBsO3V4SZURymPc2damJhSeSHIYPNgKunHmyCxgT9gVjkHKYLraZb2paZmP9XaxE3PBaOU-r-4NZEB31OV_EqzAhQqmgmiAbGwks4EyR5G8pKXFX576tBr2Ly3MTL6Uwpmrn5ilmVeVYz184GIJtAcMzSVhejT5vURypdYoK-0hnxlXra1g0tRClB3b0lMZ4BPXVTyDOy7Bs5PIMDrBU4iPFd1T9_AW65WvnC9wQ-b0XVin-PR9fHdUuS8HxuzQvpi6r8IJxIaOD8d7mdqrB_YqQh1TY2KHdBLQl-R73RJ2DeWluRnJP6DUpumCfulBtxjVqU7tfZgox5mKZConRGJJxt7QYoj1d9_A1fsZFL-rfBKkxwBz4TReL98FgrHjd4fXoGyfLhmoAJq_OPXtaxbNcI_Zmi5--7PSLGXc6i7-2dEO2toQYm-WQ5QdbRF3y2qvF2wwAFDjIY71PFCnfyB-KtzTaLqkXhkfIJYHXTng5ps_BSAqb_UORPkX3xU1lJAlLhS-OKP2v-CmDXa3We0q8RZ_RAU7oVdcqXc2L1fbdpDCz9LXyADNIc3hGgqYhdHARuAAa69sDRRQ2pQX_8SiiHq1mhH9YflFmDcY4pUorF3nfcgJdgJdTZwZqVuW0iJWZbEB-sOsLyXb4P64wnOtAld36NSJTOGcyJAlo6KKQ_47skk2LDVQqyEkktLO0Z8Vyc6cMujN1e8j-4EKZ0_9i18sWJWM0JLI6E6gV-Gwofcv74iJkHRNE4HkMujDYc7XRLxWMKJeTIcS7RmpzrORGR_dgXldyNMJ1LZN6sGd2tP3arQrbe1193j165pP8CQH0h3_1SjAGXmqEBH9X5Dmlv8ErTRHWzVhSacnbwxlsB4Om9Vk8g4T4WDaEY_s9HFVODlIKgcRyiVxo7nWQl1HD0VRiq11K2VWiA6LalDEK1p4qTkTd4OGRlBkDBtnxcE9D8fJet7_HEytLKqLVS6SNJ1Rn8wouKmH5UjmWBfHABNy3Ep9VFmMDig3H7EbdR3UBRH8rDqo6lfSeftzD-MdcoG_pD57hW5i0DHtkDDJPPqi1Ky-hbnmfNM8sBkIGPkKbbE6xyMthI4U6xLgirr5Rv1IV5h7V19IeSIUf0JREy2DI30Szhwlw8vR4jkRMcTaTBIk7hg-hzDKnq5zgkq0DMK3Wey7DRXYtAfzOHxJ2pakeJYX4davmikI7t7_tgfDIJp4BtQ5JY8Qc7jwYXtgjfeudB86xiGguZrATedw&cid=CAASKORojZlq1lqlF6RpL1N1q2lS0Vknn-2tqKEUyoTpbytFFDcmkgvACIM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f155.1e100.net

Software

cafe /

Resource Hash

28fde085167be5b074741a8995c2ae4274efc6d0bd5f057e4f7d8c04c6d129c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14443
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 84AF 0
0 80ms
80ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C75Ey--PbYqrSHo2tgAfewpWwCbrVm_dqmZzazaAQ9I2FngsQASC42_USYLuGgIDQCsgBBakCfmzwkIjkSj6oAwGqBOQBT9AVbjKfpWc5nCvhXNG1HeeKHcBWCuUAMmHczkfguJ7K6DoVcR-HTugO4RdianW4J244hSfe8HVoE807gYFk7BzReqN397mrTV6It2afUkoE2XWQhFHSbCjnP2icsgk1m_QQLbeI1ReHv2aX5FqJENyexRK_nAkbb_J1igVPvF6ATzPM4AfZwshfoYvQYbQR85bZwVjPeOwd3SZwOOPyhtARmb_Sxx7w5Zkj9ljYPEB9iIPcIZRNHrR7uvILXjzIY7br974iazPZILNMeQXwBa5wbvOm_5rk956oKa-m6zBBHsf0wAS5vI2w-wPgBAOIBaPq79NBkgUGCAMQAxgDkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAeLi7TYAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEN3dCRjq44vPAdIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKAcgLAbAT97DcD8gTwc7o4APQEwDYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItNDIwMDg2Nzc0OTYyNTc2OBiq4xA&sigh=jDYUS5RvwPU&uach_m=[UACH]&cid=CAQSPwCNIrLMJdq2rqB4R7puAaSWGpGIgHqwTgpPxW2kqboI7G2zTReIyscfmC8lo7iwG7RUAWVHZAKETMxOcNbjCg&vt=10
Requested by: Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FCAC 16 KB
16 KB 142ms
94ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 428951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 12:56:05 GMT

GET
DATA 200
OK truncated
/ Frame 84AF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56d809f3c5514e8d365cfb5a6be6e390ae7e8a1e7bab1feb8e0149d1263d4bdf

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8610 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 201233
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 04:11:23 GMT
expires: Fri, 21 Jul 2023 04:11:23 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5488
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

95ms
94ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 23 Jul 2022 12:05:17 GMT
expires: Sat, 23 Jul 2022 12:05:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 23 Jul 2022 12:05:16 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0FED 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b96e53caeca81871b574af54419097c25c36223ad6e8792e9a8b04aa30a1e3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 34C1 17 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 11:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 11:19:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
79ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071901&jk=2524363107011222&bg=!1tWl1ZHNAAacadVKvGk7ACkAdvg8WjLcnz0Idv1Um9JT5rcOwvHqj6g1hG9imIs2sIqnd0zUvxmSfAIAAABwUgAAAAJoAQeZAovdJxgGWePdqF6yMQnnoGLpn_MdaUzPcyx7ZVOHu33SUDQeBmxxxK9wXZp1VK3PyHYupAVFJbhzocIUvEI-stCHlV0EafMjkPhtynUTz9R-G3SL5i3Beza8XMRhB-8ibNy9QOGiNQ_5_vh3bSt9WbgP76AsowN3yI_RUH_vjLbb8uQythtuWY9NlmO7EwtWpm-mMJtnDYPr-osp6pjy12wj8LdsnOI4jKnys7aMRkvdJDscF9e4g4cFjPrCxFIaxI1NVBcSjQMZh38MBr5qctqvUPbWH0q8uko4suv_OW77FC1bin137Yer5oC0IzZ7iPgNDbJG80PQNbGoN_UKwqcu7Fb8kN8plLaEchvxt5XuhIPLtE-ieuKYB7oMomSl1n3oF7o69tsWrp6yxMKA-GKEtNzTZZN1YkrbvhJ7QDOuFeiblw2QqeMXinhKlQr0Vbc0i5oZT5OQ3erlELxcF01mFDBhmM9198ixaXRzc4VrbYQdk7jmR0FK_GMk8UjCg84YNUMazxFtwxY03GdSh3XqO74uid6Jqmnej61O50WI8iLTzNACUWGW3iom0SQ5SbXeLDRawPAb7mVPu1TFQXAz_TKZrg3HOjc9zVmeZYYVeE3_PIsokYr6iv4APQ6bJkcx2XmsNGRfAEqh5xIKqD2CD6cqdVfCNrXMtJF4Uaf2X0UVB9mp_4BEAFLbYP6A5QTRAIen7AA1QuVf4PyKutt3MO2DxAdMYw8z6wpj7H7BRaiup9Pck_2QiZz1yhpIoRMSSuyT7DP5-wwn2Bbu9f3E5dLLJkJFncpENNHZwdyMxM6BsMyB7dPZB135oGlLv4WCdrDz3-qrgblrM07rj1jpv62-Cy6PJ2FtrLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8610 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 12:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 12:14:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 34C1 0
0 50ms
48ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3NSMNFP7Il5rE3uC6cc4-AyliojBfNwTTCy4gQMd-KXLQANVXiwv1RjiZaPUw34pCboM0rZ2Jn1iViYGyIrjoB5fi1g
Requested by: Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 34C1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83cd6d2c078fc7fff3cacb11f70a958a006f6c6926b4299f1544a8b228a50eba

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0FED 0
63 B 78ms
78ms Ping
image/gif 216.58.208.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

waw07s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Jul 2022 12:05:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame 0FED 8 KB
4 KB 115ms
50ms XHR
text/plain 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D7%26scriptname%3Dadl_57%26tagid%3D529%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom1area%3D50%26custom1sec%3D1%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=nmp&campagne=57&banniere=0&visite_id=36580333916&seq=0&timezone=0&js=tfav_adl_57.js&date_regen=2021-12-14%2010%3A16%3A28&plat=7&tagid=529&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=9295572&id2=27377933&id3=330734833&id4=5325044&id5=167554420&id14=%24ADLOOX_WEBSITE&id15=display&id20=614b730&p_d=0.068&d5=674&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=frame%20without%20title&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2F08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&url_referrer=https%3A%2F%2Fzhovta.ua%2F&ao=https%3A%2F%2Fzhovta.ua&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: nginx/1.19.8 / PHP/7.4.30
Resource Hash: 1b640160b7524f547822d5eb68e8a51a0c379fa2d6ba1eaf00b1fa9f88ee92fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:17 GMT
content-encoding: gzip
access-control-allow-origin: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
x-powered-by: PHP/7.4.30
route: ads-prod-566bd84fd4-l2lpn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
server: nginx/1.19.8
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin: *
expires: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 84AF 16 KB
3 KB 82ms
82ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/11440465/Third_Party/TP_VAST_30&description_url=https%3A%2F%2Fzeenews.india.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=[timestamp]&hl=en&ad_rule=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1e1af88ecac5e00468368bb314fd5386f1fbf36db6d824b1d4fe111d7ed230c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3046
x-xss-protection: 0
google-lineitem-id: 6056254285
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138398065250
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame 44CF 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 14:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 14:43:53 GMT

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame 86F0 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: zhovta.ua
URL: https://zhovta.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 14:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 14:43:53 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 84AF 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 08:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 08:58:19 GMT

GET
H3

206

file.mp4
r5---sn-aigl6nze.gvt1.com/videoplayback/id/640662bc18b7396d/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1658599517/sparams/acao,ctier,e... Frame 84AF
Redirect Chain

https://redirector.gvt1.com/videoplayback/id/640662bc18b7396d/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1658599517/sparams/ip,ipbits,...
https://r5---sn-aigl6nze.gvt1.com/videoplayback/id/640662bc18b7396d/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1658599517/sparams/acao...

2 MB
2 MB

119ms
28ms

Media
video/mp4

2a00:1450:4009:e::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-aigl6nze.gvt1.com/videoplayback/id/640662bc18b7396d/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1658599517/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/6ABE4BF6B371F68D59D185EB8D89E1E079A29921.83DFF62B852F42B23FA7C9E23ADD0E6C4E6EFE73/key/cms1/cms_redirect/yes/mh/id/mip/2001:ac8:21:e::7/mm/28/mn/sn-aigl6nze/ms/nvh/mt/1658577621/mv/m/mvi/5/pl/48/file/file.mp4

Protocol

Server

2a00:1450:4009:e::a London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8536e3c65f0b77c32da75427c79a418e11edb88948bd80921737277ee5d61967

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:05:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Jul 2022 05:34:10 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-2588772/2588773
client-protocol: quic
cache-control: private, max-age=21300
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2588773
expires: Sat, 23 Jul 2022 12:05:17 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:17 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-aigl6nze.gvt1.com/videoplayback/id/640662bc18b7396d/itag/18/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fmp4/ctier/L/ip/0.0.0.0/ipbits/0/expire/1658599517/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/6ABE4BF6B371F68D59D185EB8D89E1E079A29921.83DFF62B852F42B23FA7C9E23ADD0E6C4E6EFE73/key/cms1/cms_redirect/yes/mh/id/mip/2001:ac8:21:e::7/mm/28/mn/sn-aigl6nze/ms/nvh/mt/1658577621/mv/m/mvi/5/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 692
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CCF 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: 08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
URL: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 14:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 14:43:53 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame DEFE 23 KB
9 KB 40ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 238536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 17:49:41 GMT
expires: Thu, 20 Jul 2023 17:49:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 84AF 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=34&d=1&s=1&f=0.01&li=v_h.0.0.0&bgai=BTjZj_OPbYpjfOJGH-wbWlraAAwAAAAA4AeAEAg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8610 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqsZ3_OPbYpaAIvaM7_UP4YGhiAUAAAAAOAHgBAI&bg=!v7ylvPjNAAacadVKvGk7ACkAdvg8WlA1uM23ffSSOkMkMiE3oz3582jb31Z80-G2FlV5B6oeFZ4_PQIAAADWUgAAAAFoAQeZAtr3cLZGYYOEbqay8HQavRyTxHES3pPgj96ofPVf4MTCfJBZRaSRglgfXBMreL7PV-dSNnDuJ9_vZOJaZZRs2CXQdAVAdk2b2FGiPRxT0nFrBM8ZLfoRRD6mhRLwmd9EMlGzpez-wBKmG1EkLDrgFCpw1a5-4o-5KH6Id1ByFJrmLg16BWEu3TPDkzUk5sv1A_R6SaJ0HH1rv9XTAsDIqETOy82NcQmk1CA_QTkym9CCYG7hTNBFKzI3XTiQLdzWYn3OkDj4D6ik05VMSiH4I6reo3sUjjHMMbskrwv2CGDDsZq_0F9BgPPbRRimPSWjeAxMK7p3LBb3SD3RUjlh6qILvZ5Ov-TtdFMSPL1CJXQb8bTXaQafSCkObukQQChlBDR_oennNdskxyLby6KICVHTJ3Tr2QavbJSfSjH0_WjRiMeYcxXqRh3jNEdx_WGNfD9OcCXl_MDSrWOiGWVFF35DdyXPrENjC_IryGC3_KC-753E3T58OgrM_8XRpdSJToK-5sLfYeSUCUOlApzwRodW1YTw_XjmlkzlyNyPqa_vpe3l94qVwKMe8ZkFJeuzBYwq0udbVrgGY1QC8lXdo_dfMfbIuIK1iK3Z-GEyVXrSseR5AI-sSzdKPjoYidV4G7K4tZRni4-syNfglUfthBNQRd4A3r7ZBr3txlHBCxKxxaw3MSH4S8_svEjM3TymCRulK-TJELwme-nmWZHIqA2Nge6zTeD0bXoImb3byjTdrBBnfwLiW_SCpY81XkhaU2zmajV12dlymxlegmJ6ANTCfMJjCFxdOto1ooDJ1hu9cA6UkWKVOAWM5JYru-9MtoGCqZ6hsGEOkURAFqaKteGQcsMk9ou38Mu2yP9CWceYi6EDCshpP2uGZ3WYTVcSPsg34p6n7oA_s9VAW6EcBKMr2V5A6kh5GaP4E89-P5wBwFGRcWxgjODeTggmf4WqZ7ChxvWSpMCf4oCD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame DEFE 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 14:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 14:43:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEFE 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BTjZj_OPbYpjfOJGH-wbWlraAAwAAAAA4AeAEAg&bg=!0NOl05fNAAacadVKvGk7ACkAdvg8WgmwHXBw9WGM2jd-W0w6xFIv6iG-qtDRP55Lm4NGH_VnW2q6oAIAAABJUgAAAANoAQcKAHkuTBzR--tjDzQ9_UuVHAMzMwdst3hfOdGZM9lWLFgLD1TVqwseOk6wHtLFrRuEThG1A2r-kgA9t-kR5_HDE9npQibPDPYO3MTYlWPyEexaSL_FZUgG9l4CKSyHjSOKUSCAbVslUIXSOu4qIwfogmAMMwdoucckru3imQLo47GkWPf4ObUHcwF7-ZG3rVMdTGKUINhIgAhcTNTfOZbpXFwivVdh1zYsy03CHEWSLwsT0arlOJzuMuZaPPRxMmcq1H-Hbrp1ZLesrHXArKA5M6U8gdE3U_1KyumvN6R5WY0S4Mp3gdldl5d7CFd0Y_Wh8O331Szxu3BQxA59DZe8uXfyUlGOoUTgOPuJYX8sE9rO1mbgX-wuWk_dOs_mP-9set4pdPg80HYK8abd5BToQxkWqgBHMH1DijEPhSlb31jSIHay7WU9PHDsNKyM-8B11s03Yni64MeX_RwrATwOpTBmnfk6RqkL9r4Y4ebazjajP9EQ0NPjFFsnv1eAGo_H7qt4580Mlkn7PU0hAFStSPj1vIenD4qO-IU0dbT5-qjBnYQa_44I-XaqHpK1ClsYpmUx7xPDUhqcU654xWP7_7PDRsRN8JwC5uFaaMkt8zhLmFsRFf3X2PYIxXGyEUkwwW1kp_N4dzjjSj_cc30FMQNETEzUY48edQdPXXZ0BHC5GzX5FWQQjWRcj2I7vGxklDoAmPSc0uNdWrjx_GfJCsYZO76pPZaY7-kgCkURQXKGfPI0m-Z9IbNQAJ7yFV7zMOCSOL12ZdgzNDdrHwGsWM6avwENRMEp2SZTFhoV5PU344YV3qU9xOPgFgpP_L2ndZQ50QO3dzYF2y23bRdLcT0ctKHdwF_Bfyxdc3O4gn11EaU4KxT-f_zRhEYygwMv6Ls2SJPhICb5QOs85hMnAYXvOXTtb-0du74REnbrC24NKhnM78sSlNjGqh6fTXFuawwyDkRzAH_4NSHycA_AvZR5yQoYRLC-GJXMvR0Y4ZVtVcG2QfeWihVDJTHIJl8icO9UMk_ixbO8IzUqQtVH86yQItd8lbsdjIwcDcm_GuzXdVt8LM01DEe_Hlylb3bv9zPezkBmJQs8p9Eyg6HcyID8BCzVHQO2ie4hgeU-qZUyRFZIXS69xwlTJz3WEkhGgoer7HAn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0FED 42 B
64 B 163ms
79ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUwT_q2Kfv7t_f_1UVeHj_Sp4JS8EYppf7JpS5fnk04S14cxrXe0F0aT5JGo0ocLknqJrwpbfFo4lshuudnyc5G5L0qAg8m6bFJz7j0ODh5YEgn6ihWIJldvGjPDZuvEHruqNwHqYAskdhOA&sai=AMfl-YTNNjoXEii25v3mJvMW0QZaBy7nowzDxQmGEAGR4vHwtJAJqB4b5qrpV-kDAoTMRIiM6NKgmnzuRkWDWt-UaXgINNL5wmjLnSL-NL5OLYDrwBGJfV4Au8qGE-km-v0m&sig=Cg0ArKJSzLnw-y0GoTNsEAE&cid=CAASKORoIjhona0u3AKTZpQnoM2YvAo7jAEVFIXpTFhLYBBpO9zVTifmMUY&id=lidar2&mcvt=1001&p=20,315,110,1043&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4124708693&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658577916239&rpt=665&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 84AF 0
17 B 105ms
40ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l5xugv3d&c=4819967847465&slotId=2409983923732.5&qqid=COq78Zv8jvkCFY0W4AodXmEFlg&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&br=688&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=3&vhc=0&msm=1&aits=18%2C0%2C0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=18&vsrc=dclk_video_ads&umsem=0&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220720_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 12:05:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/10/intl/en_gb/ 245 KB
67 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/10/intl/en_gb/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAi-_pHLKSBnx_3mVWBzWwFaNMlnVeSn8I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0415c7f6848ac6de4f98407bf6bed1bd51120a6dad5648b2eda797bb0a515b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 19:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68999
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 18:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 19:49:38 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/10/intl/en_gb/ 155 KB
57 KB 123ms
43ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/10/intl/en_gb/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAi-_pHLKSBnx_3mVWBzWwFaNMlnVeSn8I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa68c4e94713b8c20b7ea034babbfb5c07f16023f99df0478778e575e7ba4d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://zhovta.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 19:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58548
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 18:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 19:49:38 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zhovta.ua/	1970-01-20 04:44:24	Name: zhovta_ua Value: eyJpdiI6IlluSW9DSXo3SklHTEtCSXVGVzhXTEE9PSIsInZhbHVlIjoicVJpekdBNzRaMnBJY2tLTXZ1VmNcL0FKVWVmY2lHTG9lT01iVDhRc2wrTDJDSExMeHVHYzAwSHhyUUl6VW91c2htZjBVYjdJMmdSRVFnd0Q1U1c4aWpRPT0iLCJtYWMiOiI3OGFhMTNkZTIyMmYyNDk0MmQ1NTVhYWIyZjU5NzlhZGVkODY0ODFkMmViNjI3YzdkMzA2Njg1NDliMDc1ZGNkIn0%3D
.zhovta.ua/	1970-01-20 22:14:09	Name: __utma Value: 178520687.1101086480.1658577915.1658577915.1658577915.1
.zhovta.ua/	1969-12-31 23:59:59	Name: __utmc Value: 178520687
.zhovta.ua/	1970-01-20 09:05:45	Name: __utmz Value: 178520687.1658577915.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.zhovta.ua/	1970-01-20 04:42:58	Name: __utmt Value: 1
.zhovta.ua/	1970-01-20 04:42:59	Name: __utmb Value: 178520687.1.10.1658577915
.zhovta.ua/	1970-01-20 22:14:09	Name: _ga Value: GA1.2.1101086480.1658577915
.zhovta.ua/	1970-01-20 04:44:24	Name: _gid Value: GA1.2.1995942914.1658577915
.zhovta.ua/	1970-01-20 04:42:57	Name: _gat Value: 1
.zhovta.ua/	1970-01-20 06:52:33	Name: _fbp Value: fb.1.1658577915126.332689627
.facebook.com/	1970-01-20 06:52:33	Name: fr Value: 0lLp89hOrAHWKR9mE..Bi2-P7...1.0.Bi2-P7.
.zhovta.ua/	1970-01-20 13:28:33	Name: _ym_uid Value: 1658577915275772298
.zhovta.ua/	1970-01-20 13:28:33	Name: _ym_d Value: 1658577915
.zhovta.ua/	1970-01-20 04:44:09	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-20 13:28:33	Name: yandexuid Value: 6999708421658577915
.yandex.ru/	1970-01-20 13:28:33	Name: yuidss Value: 6999708421658577915
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2192717881658577915
.yandex.ru/	1970-01-23 20:18:57	Name: i Value: 5xBe5hTruTG932uDdx31gHbfeNlSBLN+qGc6LwuY2fUJ4WjbHl7k0YwbEkR15iPKltnE8EjWSjsEQVRxuP9cjXOKTKw=
.yandex.ru/	1970-01-20 13:28:33	Name: ymex Value: 1690113915.yrts.1658577915#1690113915.yrtsi.1658577915
.zhovta.ua/	1970-01-20 04:42:59	Name: _ym_visorc Value: w
.zhovta.ua/	1970-01-20 14:04:33	Name: __gads Value: ID=b79f1a0f54b99775-220c3357d9cd000d:T=1658577915:S=ALNI_MbFskH4Mo9TU2tO0kZBytOAb_46Sw
.doubleclick.net/	1970-01-20 14:04:33	Name: IDE Value: AHWqTUnKTooKFs4iGu54_M9bmD917byb-rdbTXIJVhnzAemnL4Y1jw5_s51rWXdAWAk
.adnxs.com/	1970-01-20 06:52:33	Name: uuid2 Value: 9092365789296577751
.casalemedia.com/	1970-01-20 13:28:33	Name: CMID Value: Ytvj-MqVhHapez8AaZ.txgAA
.casalemedia.com/	1970-01-20 06:52:33	Name: CMPS Value: 4333
.casalemedia.com/	1970-01-20 06:52:33	Name: CMPRO Value: 4333
.adnxs.com/	1970-01-20 06:52:33	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImJx<L4G!@wnfH8K6pQK`!5=E<L5?%M15>7=4Z>A5>0XR`6Y]M]B4wQHZAU'Rvu]DgCbpRzqF1`b`Le*B2_k
.casalemedia.com/	1970-01-20 06:52:33	Name: CMTS Value: 4448
.doubleclick.net/	1970-01-20 04:43:01	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s0.2mdn.net/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s0.2mdn.net/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s0.2mdn.net/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s0.2mdn.net/pagead/js/r20220721/r20110914/abg_lite_fy2021.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

08160d51d0d6c82f761c0366840070b7.safeframe.googlesyndication.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
bid.g.doubleclick.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
csi.gstatic.com
data00.adlooxtracking.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
j.adlooxtracking.com
maps.googleapis.com
mc.yandex.ru
pagead2.googlesyndication.com
pubads.g.doubleclick.net
r5---sn-aigl6nze.gvt1.com
redirector.gvt1.com
s0.2mdn.net
s1.zhovta.ua
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
zhovta.ua
104.18.18.126
142.250.186.34
142.250.186.66
144.76.118.10
185.89.210.101
2001:4860:4802:32::3
2001:4de0:ac18::1:a:2b
216.58.208.194
2a00:1450:4001:800::200e
2a00:1450:4001:803::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:831::200a
2a00:1450:4009:e::a
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.241.31.249
5.135.142.37
66.102.1.155
0415c7f6848ac6de4f98407bf6bed1bd51120a6dad5648b2eda797bb0a515b0f
06153f41d1008b4e9692ea0d361f3a0506ceaeba499cbf543048b27a47b7daa3
0663c2a0d8e231062e68a7126e357d0cc8fc893411b4bb215982a20370d27aef
08c2b3b5674fcbce2fe0cdcd8e34c0c35622561fca7824397ad8368f3ddb76d9
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
0aa68c4e94713b8c20b7ea034babbfb5c07f16023f99df0478778e575e7ba4d7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11233aa7e1842c2eed5585f4d057f4c8603a1a1d8a060f168565759338864219
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b3f9e370af4069d73b9b4a9659a80419a83a72bfd4c08a577e7d35e0226f10
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1b640160b7524f547822d5eb68e8a51a0c379fa2d6ba1eaf00b1fa9f88ee92fc
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e1af88ecac5e00468368bb314fd5386f1fbf36db6d824b1d4fe111d7ed230c3
1ee352c57d251ef3ae54220f580e1a536f79c11ba92c7ff4c5ebb9a29d4ede50
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
215096fd47f27f7748584edb8098a4f8260ca6aea28d2b1890edf780c5bba374
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
28fde085167be5b074741a8995c2ae4274efc6d0bd5f057e4f7d8c04c6d129c1
2fea1b9a08df090b0287d5f753dbbcce5f9044bd649449431d85354fafd31d4a
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49d70a9c2a0babf52874d753368dd42cd19187173f4687b6e66618fed2123a37
4ac5bd273896c95b8a865cb54811484d157ed725708a1c53e949e7f8d9cf301f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ebb31cfd35098e8e8addfc231854acc85dd2fd0228ceabf498edb9055592deb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b96e53caeca81871b574af54419097c25c36223ad6e8792e9a8b04aa30a1e3
522284064e5f4c37a4dfcdb6025cb110dc1ba941aea0696b5df1b0011d817bfe
528be60b632807c7cbab0866c94d5eb88c3dc77bcf5fcb0dc81d0fbb798fc8af
54133850c78253161a6ca729e8c69e0ff6f46e7f7ca22f3632ce3fcc70c2adf8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d809f3c5514e8d365cfb5a6be6e390ae7e8a1e7bab1feb8e0149d1263d4bdf
5744b93d719cb88f6b376b2fc28e82ae1a802971ff11dbf8b145e19b93dddbef
5ce121e73e92f53052d478d0de784eb77eda0fe4fe423d75c48e1f11a31c2f0d
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
5f4779250b6a72f5b6c4617a480bb764646e212321873ef7aeb9beb4c819ff6f
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a82dab8b342d2b2ddff4960ef2c7be8ade29e10429aed3b8238ec41d3874b4f
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b8af26e3c5c85e0fcddb449e612da2f10dad9c70445dd8b9f8f1a0109a32492
7fb5d5fc04526984cd2241e968ef4e317757bdc1c08cefbd77fed9ca80ebd4ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cd6d2c078fc7fff3cacb11f70a958a006f6c6926b4299f1544a8b228a50eba
8536e3c65f0b77c32da75427c79a418e11edb88948bd80921737277ee5d61967
85f52ae01a1ca60a7c5d40c7a9008f320519bb1e11b50db65e8fc797f5258f7f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b738e5021ff4263f6ed6f5e4dd01752156ec2b96f90fa6de52ff852c973271a
929c0a65ab6718c9a78a097f6b78f07168ff88ea1310cc7bd17c9f222dcb53a6
93646a9bff7d190caf9fb605a23be641e96f8fe8dc95eb9cb3db32b336d14800
94c8eaf7108f6b5de448268aa780b464b7825d476d350ba673d858715618b977
94d225dea35625dd151445c5f7e3a5f1b309cc0a5d2395f22c83d5d2616e657a
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9b60f9f86d77e2bc5425dcc7d4a02bda887f74aca04ea1b14ab147dcc91b9295
9d7d1c727e1cd32745764098a76e5d3d5fb7acd3b6527c5aacd85b7c6f8ce341
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e4efe7233fbb9a90348afd9731a677423fbb0195aa0d21f381cef00007250d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ae31d2c42bca396f9ad140594890b16f599b6cd8f36c809adac8ebd5eb45b2e5
ae7aeb0d4690f0fd8b37ea623294d29345482407e6153dcea0fbae3204fe8236
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8b470f036a118349c673d320ea1d200f488f6ae084b1125c1583ed72ebd6b59
bd0fc1a1e24ea9d6276ed56bab380d668444c7897550335fa11f43845baac20d
be366375b7a163d5ff67e54c96e751bfbd9315dde9bd76dce127d62529b81aef
c38fc26130ffe6948b78e92a64f33ae20bcb88466450ffcc56e85a00e85be43d
c75d0893bf63c26d4c0c06f6e0cfdcca24ffbc6431f8148f6243c30687b82ae0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cccd8c94ce20a42526ca07875d7e1d948015efe50c317f70413cdfc5847ddc30
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
ce53b7d94b6c6dae3b978f4fc50811064baa4ca79935dc11c7e2223301c59f96
ceb4fbd7e9cfd6afbb7c05c6b95cf7003a851a2d2aec41444c6803219c034858
d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092
d36253140224d3e65922719329cba306a98af2154419ee3b571399b1ddc0bdf9
d4fa5d4b88126710b9e65ec883dae16c991fd51b837a3e9f7bef30c47d90147d
de75f74c16ee260673a91f8253b007a4d454690220b5ed46379dd071518ea753
df0a549a1389d264746969d3af4d97b54b5efe395273f5a64b708570f8a02657
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e21e935e0e65d892214a7d1136b305c42c9c81182c63c9e26a1af37edf4da436
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222
e3fe16dd530a8fa1a54c83237d4ac55a2b8ad2514c8354a2da0e27f7f1549b81
ed37304123b9f91a8141d4c161e452977acc50e64925f8c2a069f7a974ea9002
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbe4d9113fe429cb94a9aed4a144dc51a369c96ce916b19471bf981877c9cec
f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2
f2d9b035fe1400a65027bf819c95ebe7118f1d404dbdd53a1bbb2f45888e70d1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

zhovta.ua Open in urlscan Pro 144.76.118.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

148 Requests

95 %HTTPS

74 %IPv6

18 Domains

36 Subdomains

34 IPs

7 Countries

5603 kBTransfer

9039 kBSize

29 Cookies

15 Outgoing links

Page URL History

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

zhovta.ua Open in urlscan Pro
144.76.118.10 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

95 %
HTTPS

74 %
IPv6

18
Domains

36
Subdomains

34
IPs

7
Countries

5603 kB
Transfer

9039 kB
Size

29
Cookies

148 HTTP transactions
8 data transactions