Submitted URL: http://dengi.ua/
Effective URL: https://dengi.ua/
Submission: On June 18 via api from GB — Scanned from GB

Summary

This website contacted 52 IPs in 14 countries across 58 domains to perform 384 HTTP transactions. The main IP is 193.29.200.162, located in Ukraine and belongs to UMHAS, UA. The main domain is dengi.ua.
TLS certificate: Issued by R3 on June 13th 2022. Valid for: 3 months.
This is the only time dengi.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 36 193.29.200.162 197203 (UMHAS)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a03:90c0:41:... 199524 (GCORE)
1 91.198.36.26 43405 (DIGITAL-V...)
38 2a00:1450:400... 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 146.59.10.80 16276 (OVH)
9 78.159.118.240 28753 (LEASEWEB-...)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 193.239.68.97 39468 (BIGMIR-IN...)
1 146.59.30.104 16276 (OVH)
1 2a03:2880:f02... 32934 (FACEBOOK)
7 136.243.84.74 24940 (HETZNER-AS)
10 104.16.221.74 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
9 190.2.151.10 49981 (WORLDSTREAM)
2 5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.18.3.81 13335 (CLOUDFLAR...)
3 185.187.81.40 43332 (IDSTRATEG...)
2 91.198.36.35 43405 (DIGITAL-V...)
3 146.0.227.109 29066 (VELIANET-...)
24 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 167.71.9.19 14061 (DIGITALOC...)
7 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 35 142.250.186.34 15169 (GOOGLE)
8 12 2.20.157.55 16625 (AKAMAI-AS)
4 6 37.252.173.38 29990 (ASN-APPNEX)
2 34.98.64.218 15169 (GOOGLE)
2 104.92.106.130 16625 (AKAMAI-AS)
2 3 185.94.180.125 35220 (SPOTX-AMS)
1 3 18.193.29.139 16509 (AMAZON-02)
52 2a00:1450:400... 15169 (GOOGLE)
8 142.250.185.98 15169 (GOOGLE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 45.9.26.83 208677 (SBERCLOUD-AS)
1 178.162.133.149 60781 (LEASEWEB-...)
2 2 76.223.111.18 16509 (AMAZON-02)
1 18.195.155.181 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
1 34.96.105.8 15169 (GOOGLE)
2 2 35.190.0.66 15169 (GOOGLE)
4 4 213.155.156.164 1299 (TWELVE99 ...)
4 4 216.52.2.48 30282 (AS-INAPCD...)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 192.82.242.209 62713 (AS-PUBMATIC)
2 2 18.156.0.31 16509 (AMAZON-02)
2 2 3.122.71.146 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 1 69.173.144.138 26667 (RUBICONPR...)
3 3 213.19.147.45 26120 (RHYTHMONE)
6 12 35.186.212.60 15169 (GOOGLE)
6 6 216.58.212.134 15169 (GOOGLE)
33 52.218.36.90 16509 (AMAZON-02)
384 52
Apex Domain
Subdomains
Transfer
74 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
cm.g.doubleclick.net — Cisco Umbrella Rank: 217
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 283
ad.doubleclick.net — Cisco Umbrella Rank: 203
369 KB
71 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
708 KB
52 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 265
385 KB
36 dengi.ua
dengi.ua
676 KB
33 amazonaws.com
s3.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 3638
800 KB
13 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 46134
inv-nets.admixer.net — Cisco Umbrella Rank: 2737
198 KB
12 yieldoptimizer.com
tag.yieldoptimizer.com — Cisco Umbrella Rank: 4824
5 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 578
10 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 9
adservice.google.com — Cisco Umbrella Rank: 92
1 KB
10 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42935
bgstats.mox.tv — Cisco Umbrella Rank: 53363
95 KB
10 idealmedia.io
jsc.idealmedia.io — Cisco Umbrella Rank: 98196
c.idealmedia.io — Cisco Umbrella Rank: 84542
cdn.idealmedia.io — Cisco Umbrella Rank: 151448
servicer.idealmedia.io — Cisco Umbrella Rank: 98627
s-img.idealmedia.io — Cisco Umbrella Rank: 86157
cm.idealmedia.io — Cisco Umbrella Rank: 17945
autocounter.idealmedia.io — Cisco Umbrella Rank: 108730
110 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 246
86 KB
9 umh.ua
cdn.umh.ua — Cisco Umbrella Rank: 287184
z.cdn.umh.ua — Cisco Umbrella Rank: 325971
10 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
281 KB
7 rcvlink.com
go.rcvlink.com — Cisco Umbrella Rank: 49706
st11.rcvlink.com — Cisco Umbrella Rank: 73244
36 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 247
6 KB
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 50047
ls.hit.gemius.pl — Cisco Umbrella Rank: 11610
18 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
3 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5231
1 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
50 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 512
ups.analytics.yahoo.com — Cisco Umbrella Rank: 308
2 KB
3 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 520
828 B
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 530
2 KB
3 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2724
adservice.google.co.uk — Cisco Umbrella Rank: 4465
1 KB
3 holder.com.ua
i.holder.com.ua — Cisco Umbrella Rank: 341654
h.holder.com.ua — Cisco Umbrella Rank: 354399
4 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 557
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1010
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 652
1 KB
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 14267
931 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
960 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1069
344 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 402
367 B
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 461
cms.quantserve.com — Cisco Umbrella Rank: 1132
735 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1049
43 KB
2 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 159888
24 KB
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 129697
836 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1117
581 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 358
455 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 464
736 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3276
104 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 769
439 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3213
173 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 384
265 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1011
59 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1109
478 B
1 rutarget.ru
google-sync.rutarget.ru — Cisco Umbrella Rank: 175638
576 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1725
586 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 861
640 B
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 491737
170 B
1 i.ua
r.i.ua — Cisco Umbrella Rank: 158553
505 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 555
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 91
9 KB
1 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 2733
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
39 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
0 mediawayss.com Failed
ad.mediawayss.com Failed
384 58
Domain Requested by
52 s0.2mdn.net dengi.ua
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
s0.2mdn.net
38 pagead2.googlesyndication.com dengi.ua
z.cdn.umh.ua
pagead2.googlesyndication.com
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
36 dengi.ua 1 redirects dengi.ua
cdnjs.cloudflare.com
35 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
dengi.ua
33 s3.eu-west-1.amazonaws.com dengi.ua
s0.2mdn.net
28 tpc.googlesyndication.com googleads.g.doubleclick.net
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
18 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
dengi.ua
12 tag.yieldoptimizer.com 6 redirects b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
10 cdnjs.cloudflare.com dengi.ua
10 cdn.admixer.net dengi.ua
cdn.admixer.net
9 ad.mox.tv z.cdn.umh.ua
ad.mox.tv
dengi.ua
8 googleads4.g.doubleclick.net googleads.g.doubleclick.net
dengi.ua
8 z.cdn.umh.ua cdn.umh.ua
7 www.googletagservices.com ad.mox.tv
googleads.g.doubleclick.net
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
6 ad.doubleclick.net 6 redirects
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
6 go.rcvlink.com z.cdn.umh.ua
go.rcvlink.com
dengi.ua
5 b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
5 www.google.com 2 redirects dengi.ua
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
4 ap.lijit.com 4 redirects
4 d5p.de17a.com 4 redirects
4 gaua.hit.gemius.pl 1 redirects dengi.ua
gaua.hit.gemius.pl
3 pixel.advertising.com 1 redirects googleads.g.doubleclick.net
3 sync.search.spotxchange.com 2 redirects googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 inv-nets.admixer.net cdn.admixer.net
ad.mox.tv
dengi.ua
2 sync.1rx.io 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 pm.w55c.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 ads.travelaudience.com 2 redirects
2 eb2.3lift.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 cm.idealmedia.io jsc.idealmedia.io
2 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 c.idealmedia.io jsc.idealmedia.io
dengi.ua
2 unpkg.com ad.mox.tv
2 h.holder.com.ua i.holder.com.ua
2 s.zmctrack.net dengi.ua
2 jsc.idealmedia.io z.cdn.umh.ua
jsc.idealmedia.io
2 c.bigmir.net dengi.ua
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 sync.mathtag.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 dclk-match.dotomi.com b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
1 s.ad.smaato.net 1 redirects
1 tr.blismedia.com b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
1 match.adsrvr.org b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
1 cs.emxdgt.com b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
1 sync.go.sonobi.com b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
1 google-sync.rutarget.ru 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 autocounter.idealmedia.io dengi.ua
1 s-img.idealmedia.io dengi.ua
1 partner.googleadservices.com pagead2.googlesyndication.com
1 loadercdn.net dengi.ua
1 servicer.idealmedia.io jsc.idealmedia.io
1 cdn.idealmedia.io dengi.ua
1 st11.rcvlink.com dengi.ua
1 bgstats.mox.tv dengi.ua
1 pixel.quantserve.com dengi.ua
1 r.i.ua dengi.ua
1 www.google.co.uk dengi.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 static.xx.fbcdn.net www.facebook.com
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 www.facebook.com dengi.ua
1 cdn.umh.ua dengi.ua
1 upload.wikimedia.org dengi.ua
1 i.holder.com.ua dengi.ua
1 www.googletagmanager.com dengi.ua
0 google2waycm.netmng.com Failed b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
0 ad.mediawayss.com Failed dengi.ua
384 83

This site contains links to these domains. Also see Links.

Domain
mediadim.com.ua
subscribe.dengi.ua
Subject Issuer Validity Valid
dengi.ua
R3
2022-06-13 -
2022-09-11
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA
2022-06-08 -
2023-06-21
a year crt.sh
holder.com.ua
R3
2022-06-08 -
2022-09-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-10-19 -
2022-11-17
a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2021-09-08 -
2022-09-25
a year crt.sh
cdn.umh.ua
R3
2022-06-09 -
2022-09-07
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-03-27 -
2022-06-25
3 months crt.sh
c.bigmir.net
R3
2022-06-08 -
2022-09-06
3 months crt.sh
*.rcvlink.com
Thawte RSA CA 2018
2021-10-01 -
2022-10-01
a year crt.sh
ad.mox.tv
R3
2022-05-30 -
2022-08-28
3 months crt.sh
www.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
www.google.co.uk
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
i.ua
R3
2022-04-07 -
2022-07-06
3 months crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-20 -
2023-04-25
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
bgstats.mox.tv
R3
2022-05-29 -
2022-08-27
3 months crt.sh
loadercdn.net
R3
2022-05-02 -
2022-07-31
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.google.co.uk
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
teads.tv
R3
2022-06-01 -
2022-08-30
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2021-12-08 -
2023-01-09
a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2022-05-18 -
2023-06-19
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2022-04-21 -
2022-07-20
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon
2021-12-17 -
2022-12-07
a year crt.sh

This page contains 41 frames:

Primary Page: https://dengi.ua/
Frame ID: 5AA9D188EEE30F98A67413C1EB086EDD
Requests: 125 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Frame ID: 1A83DE7D606C3D016C502B72A1525166
Requests: 2 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 3A68E8E29903AAD0972D4086F8C4EADE
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: B7A3E9C84887A1D3711A8411AF19D05D
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/main.js
Frame ID: 5EE257668E8534AB05630BD499373576
Requests: 2 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 0FDC77ABA5BC4C30E807A18C7E07D99C
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 0B01877BDBD1A0BF4EE2482873F8C064
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: C54910512A2008F08671164A85A4BD57
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Frame ID: DA2D835675985BEE69D6CBBC599B27EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1655526712&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdengi.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712663&bpp=3&bdt=902&idt=274&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1914796011586&frm=20&pv=2&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=288
Frame ID: 59A05FC3DB412FF6C938FB3F1410DC1F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Frame ID: 62D21AC6A1CC347408714AB631B7C923
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Frame ID: 9CE42F75C7A9436739B33AB85357AFA7
Requests: 14 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=1655526713018840046506
Frame ID: C7807245135719CB652E9DC89890776A
Requests: 1 HTTP requests in this frame

Frame: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6F73CF1E4E3205840D0A8E0056EB81B0
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 21AE78D181925CFA35D4ECC8F1A70BAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 526A79789E21F8B8CD1D8892482CE36B
Requests: 2 HTTP requests in this frame

Frame: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FA8CECEDCBB3230F646E6ABCBFA4C373
Requests: 14 HTTP requests in this frame

Frame: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1A2EA3744DBF970AFCA9B4C989219F16
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 39091CC976469DC8E0CED5D319F2BAC4
Requests: 2 HTTP requests in this frame

Frame: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BECEB7D143572CED3DDF1710A3416DA6
Requests: 17 HTTP requests in this frame

Frame: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 94E5E17D75250CFB92F88EE918DC011E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUauIkB9-rg4sxL5Q4M85S-Kejn-uIPC2DsaxP6iUk41jtx6MdFqm_HQgsiHoMjd_lTwWqMMhat0WXVRfKGjgy7swADfkoq4NxfQRE1IWwthbxyOXbKFcRDJpyB1BxRcOk_JmUdWlXAC9mPElkOnh5unjntETiqQsyq7K6DdsoGfBeLzegnOQ-2ICR6UOiSi6-gm0yW
Frame ID: 0A19CEDB05E0DAAE112FEB34169187C1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1AhjTl9u2ATAB&v=APEucNVp88bvbOdLmvzgNPm59m1zg4kEBolnU2L3Q0PT0oUIyrSLwviOKh2Oh9PxKCnoaZdAIjmUtYb7Ph2jDmIyj9gpIAIXvx-4DekvfpT0jHczleMGJX6CBf2plK8q8o8S8Oa5BMPRCo7irFLtwSOgf2NFItHcdJlr_7OV4lCZ8SOD8fu8vTo
Frame ID: 672C2CFB8A9BFE2C86F8FFD965438030
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNW7S2RQDMBX7ldVqSSt7RwfZkkWgShCy2D2Swtyhs7-7evlSlIWulvQQx39pYbwvLQwq268utabJUVvlzHUcHFj7DF2EmMw9sEeO2DDU1TYH6ZwIvNxItXTCtGrBYO0Bgz2NW3ySTqEA3s-qAsbkxxwp3k2Th8vOeKfRChdmV7cthvdmLA
Frame ID: 21935170B4E7DE6B3A587631117DEA0F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUedgiNRTYKMvURr-IG7WvHcSF39GuI_yceK5FzDqKeZj5BfAvdM9uvlwIitChQIPop5orZNyUFORrGH1ZqxNjd5sMwvZEiNwC-bvwp9YCT5rvfTXx1rfRSrY5jEV4JNYmCU_A6w7UR65GFBQ0PJXIl9Zt7U1ilDb01Put1Y7pq-Dl1XMI
Frame ID: EA13C7BFF83FC61D6144F666010AFF9B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Frame ID: 33D713D9357FAC0E203F5A55E8B25D73
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 75DDD60F5EF160D7929B40C579E2611D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 927879BE1DA582334F996D5047750170
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E22FFA556DAB1AD30AB913466313DF12
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2439959C69E182B3B2AD12E8EA9BAD4F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C390A37D85DB5DDF9FD81DE1DB333AF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DDCD19AA0109417AF88B0265EAD4CE00
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Frame ID: 744CC4D00F4F9CEC769FD0BD0AB6A703
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CD2C12BB0623354E50635C6458B0E325
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9B411E760B0352E209EBF6A8771D6D2F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Frame ID: E699CFCFCAF3761243C57F2860DD6420
Requests: 28 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Frame ID: D9F13DCF021470034523235BE82BA430
Requests: 28 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Frame ID: 09D1DA1E9F38EF02CFA22BD82BC1786B
Requests: 28 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Frame ID: 7977F8C76F2EA16040054B7748EB8F41
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Frame ID: 18AD6EA2A23E6497571F0ED594F7C703
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Frame ID: 8EA812E3B40328C5DBE1E93267339BE3
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Деньги: Курсы обмена наличных валют, депозит, вклад, кредит | dengi.ua

Page URL History Show full URLs

  1. http://dengi.ua/ HTTP 301
    https://dengi.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js


Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

384
Requests

88 %
HTTPS

36 %
IPv6

58
Domains

83
Subdomains

52
IPs

14
Countries

3980 kB
Transfer

8425 kB
Size

82
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dengi.ua/ HTTP 301
    https://dengi.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://gaua.hit.gemius.pl/_1655526712469/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=4PTQxbnUul0w8gpg0tB2WbHyfIa2A1o_cklcEEjIJ9z.w7bCns7vSeUOMQOFdm4AHsLVszAO2Ww5FLxpN4pbosX0MbnT/zKWKYPszACpdr/&ltime=199&fpdata=uAN19l_74yw9tm_VdjdmzRhH9K1AcYCy7Qkw9_YJPXr.d7&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1655526712469/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=4PTQxbnUul0w8gpg0tB2WbHyfIa2A1o_cklcEEjIJ9z.w7bCns7vSeUOMQOFdm4AHsLVszAO2Ww5FLxpN4pbosX0MbnT/zKWKYPszACpdr/&ltime=199&fpdata=uAN19l_74yw9tm_VdjdmzRhH9K1AcYCy7Qkw9_YJPXr.d7&fpcap=
Request Chain 95
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=fffd3c99-88dd-4ec6-b918-8e6d19c113c8&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=fffd3c99-88dd-4ec6-b918-8e6d19c113c8&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D2ea85777-f46e-46db-b19b-c9d6e048b064&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=3f4d62ad-5538-4700-89e9-b9f0c59cca63&expires=30&ssp=prodoohmox&bsw_param=2ea85777-f46e-46db-b19b-c9d6e048b064&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.mox.tv/delivery/sync?userid=2ea85777-f46e-46db-b19b-c9d6e048b064 HTTP 302
  • https://ad.mediawayss.com/delivery/sync?userid=2ea85777-f46e-46db-b19b-c9d6e048b064&inner_redirect=1&inner_uuid=fffd3c99-88dd-4ec6-b918-8e6d19c113c8&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8=
Request Chain 155
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 168
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1&C=1
Request Chain 197
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yq1VOqSDP6mDi-gPxc44VQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA_93j0F9AMhqDZ51qKFVUA&google_cver=1
Request Chain 199
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NDUwODExNTgzNTc2MDE2MQ%3D%3D
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1&C=1
Request Chain 201
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yq1VOqSDP6mDi-gPxc44VQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA_93j0F9AMhqDZ51qKFVUA&google_cver=1
Request Chain 203
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NDUwODExNTgzNTc2MDE2MQ%3D%3D
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL_M8DkzRyH3JE4uB2AsXIg&google_cver=1
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEJ_tXJmbHsX2GOBp-OOW5tA&google_cver=1
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEG_JZCmNW3rUMhyTOtgkCA&google_cver=1
Request Chain 209
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=948d3c92-eebf-11ec-ac6b-155da6fd0106 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTQ4ZDNjNDYtZWViZi0xMWVjLWFjNmItMTU1ZGE2ZmQwMTA2
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEDO6808ycltNR9w9YXBwWWs&_origin=1&google_cver=1
Request Chain 211
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
Request Chain 246
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBnK-MPyaYcuD0XGkvF-iBU&google_cver=1&google_push=ARnp8GAoTT_NiggS8GznP32mzExPB9Ad0hB-HTicTz6I9oeFX9Hmd3PR5BKW_8tVhWUGVawe-QLDqRAq59g6XxglVSXybCnxQfl_Pw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzExMDQzMzA5NDI4NzYyMDIzOQ%3D%3D&google_push=ARnp8GAoTT_NiggS8GznP32mzExPB9Ad0hB-HTicTz6I9oeFX9Hmd3PR5BKW_8tVhWUGVawe-QLDqRAq59g6XxglVSXybCnxQfl_Pw
Request Chain 248
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEIO4OPqEoXbXzqo06l65E10&google_cver=1&google_push=ARnp8GCXtrQeAtiJdgem2gCF2jEvVIMePNGrqbqUIlW1hbLGMhIBQve33NtyhCQYVQkUKwQPJ6r2Y4vFL9KacJnci7wjUgKE1RqJMg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=OXVnTEV1b1VKcnJG&google_ula=2046794&google_push=ARnp8GCXtrQeAtiJdgem2gCF2jEvVIMePNGrqbqUIlW1hbLGMhIBQve33NtyhCQYVQkUKwQPJ6r2Y4vFL9KacJnci7wjUgKE1RqJMg
Request Chain 250
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDT4vW2KbU9UxYIZfGe_-a0&google_cver=1&google_push=ARnp8GDlJXbZZK_T4505PUVmV5thi1ZZF6Lpmgzi06m2_6ObQpZuNGR0ci6zlzJrHG4SX0C-Yf0ZrQ8mNtzKv0UVXZc5PHKu5XOZoQ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GDlJXbZZK_T4505PUVmV5thi1ZZF6Lpmgzi06m2_6ObQpZuNGR0ci6zlzJrHG4SX0C-Yf0ZrQ8mNtzKv0UVXZc5PHKu5XOZoQ&google_gid=CAESEDT4vW2KbU9UxYIZfGe_-a0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ4MjM5MDQ4MDEyMTM3Njk3NDM5Ng%3D%3D&google_push=ARnp8GDlJXbZZK_T4505PUVmV5thi1ZZF6Lpmgzi06m2_6ObQpZuNGR0ci6zlzJrHG4SX0C-Yf0ZrQ8mNtzKv0UVXZc5PHKu5XOZoQ
Request Chain 255
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEK5VOSFLDPImR1WGEJXUv84&google_cver=1&google_push=ARnp8GAOXtjitE_x9fFngG5YslMK7CKd6sTJNWdeuqLPKQL-pvUwZlLMnNlRcll2O9rLhrgVLWwbgu3xKxIzh78NCiYp9saUUc-M HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=C98iFhHhTgqOxuTbLbiKsw2&google_push=ARnp8GAOXtjitE_x9fFngG5YslMK7CKd6sTJNWdeuqLPKQL-pvUwZlLMnNlRcll2O9rLhrgVLWwbgu3xKxIzh78NCiYp9saUUc-M
Request Chain 257
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOwdnCDvWxf23owH4lR3u7k&google_cver=1&google_push=ARnp8GBcazQ51LLIm61_jubh-3Mxwk_IQOaoMDwRASCQ9jBuh5WVTmxcS5xMQjcMMgk8HGMMOLnC9Z4142E3I1c9gQkhc1YSRsGH HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOwdnCDvWxf23owH4lR3u7k&google_cver=1&google_push=ARnp8GBcazQ51LLIm61_jubh-3Mxwk_IQOaoMDwRASCQ9jBuh5WVTmxcS5xMQjcMMgk8HGMMOLnC9Z4142E3I1c9gQkhc1YSRsGH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBcazQ51LLIm61_jubh-3Mxwk_IQOaoMDwRASCQ9jBuh5WVTmxcS5xMQjcMMgk8HGMMOLnC9Z4142E3I1c9gQkhc1YSRsGH
Request Chain 258
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPgm1AhudMTsu5UPC9uJj0I&google_cver=1&google_push=ARnp8GBf_w17YuItjIK6iqQkdDtFd5HuHD0tVeP-MmXCU1n1M4f11KnnN3DruBPyvKs2x03VVCcheli1XhdaMmLfV1Jtk7sFSFtS HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPgm1AhudMTsu5UPC9uJj0I&google_cver=1&google_push=ARnp8GBf_w17YuItjIK6iqQkdDtFd5HuHD0tVeP-MmXCU1n1M4f11KnnN3DruBPyvKs2x03VVCcheli1XhdaMmLfV1Jtk7sFSFtS&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBf_w17YuItjIK6iqQkdDtFd5HuHD0tVeP-MmXCU1n1M4f11KnnN3DruBPyvKs2x03VVCcheli1XhdaMmLfV1Jtk7sFSFtS&google_hm=E1FvtGZHUTeVMf9ZQ7WVCk8S
Request Chain 259
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECBC2ollYuIS40aMNXGocek&google_cver=1&google_push=ARnp8GD1fy9vAi7LnQBAW5Xi0ghoALqtBNV2ywKduypChMWN9GtWb6160_4jesnXnwzv4Mvzyhx1SwRBGElZvj0wyMiMYON1DEva HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GD1fy9vAi7LnQBAW5Xi0ghoALqtBNV2ywKduypChMWN9GtWb6160_4jesnXnwzv4Mvzyhx1SwRBGElZvj0wyMiMYON1DEva
Request Chain 262
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAjORYUIWEPmk0t9bgsec1M&google_cver=1&google_push=ARnp8GCcDV-uX0p6QZq5OoAFPoLK2G6oyB4cjGplyTl1maYczzr-mEXL3cXD_S2MaR3ztV8MxPsudioaGXroxkwe6kUyaAU1amE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCcDV-uX0p6QZq5OoAFPoLK2G6oyB4cjGplyTl1maYczzr-mEXL3cXD_S2MaR3ztV8MxPsudioaGXroxkwe6kUyaAU1amE&google_hm=ODc3OTMwMzUyMjMyOTY3MjkwMA%3D%3D
Request Chain 263
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJDoTKSEov8YBeM6zGHXpJM&google_cver=1&google_push=ARnp8GDmEh2BtCaTasoLtnW5Qd7dwm1-xC-f6XYcigQHgvurjV6xKJujv2DweH3q2o8NH6ApCcxVCq4LRPeMnkglYk005YqOeNnz HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJDoTKSEov8YBeM6zGHXpJM&google_cver=1&google_push=ARnp8GDmEh2BtCaTasoLtnW5Qd7dwm1-xC-f6XYcigQHgvurjV6xKJujv2DweH3q2o8NH6ApCcxVCq4LRPeMnkglYk005YqOeNnz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GDmEh2BtCaTasoLtnW5Qd7dwm1-xC-f6XYcigQHgvurjV6xKJujv2DweH3q2o8NH6ApCcxVCq4LRPeMnkglYk005YqOeNnz
Request Chain 264
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAFL4oiaVvuTcgxka44GxlI&google_cver=1&google_push=ARnp8GAWgdIPkLr1e-YbWQyL7HDKx_7ia478Lhz3DFm7ussObvaOf_kqgTAW_6LxRKEIk_Y1J2hG8-SCMuTYEF7Xaew0ZBCyEkXA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAFL4oiaVvuTcgxka44GxlI&google_cver=1&google_push=ARnp8GAWgdIPkLr1e-YbWQyL7HDKx_7ia478Lhz3DFm7ussObvaOf_kqgTAW_6LxRKEIk_Y1J2hG8-SCMuTYEF7Xaew0ZBCyEkXA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EfFA7MO3RPm3ypYbf9ZqwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAWgdIPkLr1e-YbWQyL7HDKx_7ia478Lhz3DFm7ussObvaOf_kqgTAW_6LxRKEIk_Y1J2hG8-SCMuTYEF7Xaew0ZBCyEkXA
Request Chain 265
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH05GGN4902M9QipIWPmrrc&google_cver=1&google_push=ARnp8GBZLGz2C8iKk7kdHn_WWWE6Y4xhDPCkowydY9drV4zR31dqgIAvsDeDd0-pEhcg9Y18xxRG4dZ0kIfeGbdeYVRnMYmil3tQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH05GGN4902M9QipIWPmrrc&google_cver=1&google_push=ARnp8GBZLGz2C8iKk7kdHn_WWWE6Y4xhDPCkowydY9drV4zR31dqgIAvsDeDd0-pEhcg9Y18xxRG4dZ0kIfeGbdeYVRnMYmil3tQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBZLGz2C8iKk7kdHn_WWWE6Y4xhDPCkowydY9drV4zR31dqgIAvsDeDd0-pEhcg9Y18xxRG4dZ0kIfeGbdeYVRnMYmil3tQ&google_hm=E1FvtGZHUTeVMf9ZQ7WVCk8S
Request Chain 266
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHicY41B7OZBw0pOYM8BPks&google_cver=1&google_push=ARnp8GAwToD7GbJJ8KhzRuTgArBRazF2LW-8w2jmrKwjl8mBqkMFJqnj9elaVFZWQKL1dtaCE5TDyqBaNyUJuiyqLeuhztn3mjCb1Q HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHicY41B7OZBw0pOYM8BPks&google_cver=1&google_push=ARnp8GAwToD7GbJJ8KhzRuTgArBRazF2LW-8w2jmrKwjl8mBqkMFJqnj9elaVFZWQKL1dtaCE5TDyqBaNyUJuiyqLeuhztn3mjCb1Q&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WVThZbFJKRTJ1RXVDZWRMWHlkOUI4TWZseTJWeU55RH5B&google_push=ARnp8GAwToD7GbJJ8KhzRuTgArBRazF2LW-8w2jmrKwjl8mBqkMFJqnj9elaVFZWQKL1dtaCE5TDyqBaNyUJuiyqLeuhztn3mjCb1Q
Request Chain 270
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKg2H4ur-aFeSt79UvdBpzU&google_cver=1&google_push=ARnp8GDI9A8ijN6_IMC7Q40m9q-lcEmoKQ5Gp0b9MgUN7NAEhVdT-bbp1Fr_0wSdWhAkRJbSykXdYPKfLKEDT1X9CYFAJoMDwMY HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKg2H4ur-aFeSt79UvdBpzU&google_cver=1&google_push=ARnp8GDI9A8ijN6_IMC7Q40m9q-lcEmoKQ5Gp0b9MgUN7NAEhVdT-bbp1Fr_0wSdWhAkRJbSykXdYPKfLKEDT1X9CYFAJoMDwMY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTBITU9DMEsxTzJxN001&google_gid=CAESEKg2H4ur-aFeSt79UvdBpzU&google_cver=1&google_push=ARnp8GDI9A8ijN6_IMC7Q40m9q-lcEmoKQ5Gp0b9MgUN7NAEhVdT-bbp1Fr_0wSdWhAkRJbSykXdYPKfLKEDT1X9CYFAJoMDwMY
Request Chain 271
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIzRcTBgw0Zc4E2sLoi9g5c&google_cver=1&google_push=ARnp8GDhA0bWp2LP8WMU-mor1VDGR1CI7uihPv1RYqUMGogkYc8pemxOzgCpxWZYufnKPyeP71XJKov8FRzcivttFsaRw3IM-g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=P01irVU4RwCJ6bnwxZzKYw&google_push=ARnp8GDhA0bWp2LP8WMU-mor1VDGR1CI7uihPv1RYqUMGogkYc8pemxOzgCpxWZYufnKPyeP71XJKov8FRzcivttFsaRw3IM-g
Request Chain 272
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGwF-Eju3XVNsBNI_4YYp-s&google_cver=1&google_push=ARnp8GBPpwC56yMyEMDHRvebT_KkIoBvtFBHwOwdty77S7Toq4czY_CWgUnnXF4lJayZ4oN3Ln52l3j9JPJImCmZBfwX34qlPKg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=j668rMEzR92t6CQHXhG81A2&google_push=ARnp8GBPpwC56yMyEMDHRvebT_KkIoBvtFBHwOwdty77S7Toq4czY_CWgUnnXF4lJayZ4oN3Ln52l3j9JPJImCmZBfwX34qlPKg
Request Chain 273
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED5K8MJnVu8EWlVnxb13FEE&google_cver=1&google_push=ARnp8GAClQ0nDLYhbxNeDqD0IvapU4y0eUCvB9HeYtj6dgi6pRZF1Vnl-VUjEhG2Mx4yNeQugaOnvzZge8u3Wv6eP18T8pI5tw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRFYwNVEtUy1KWk9P&google_push=ARnp8GAClQ0nDLYhbxNeDqD0IvapU4y0eUCvB9HeYtj6dgi6pRZF1Vnl-VUjEhG2Mx4yNeQugaOnvzZge8u3Wv6eP18T8pI5tw
Request Chain 274
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMdooxDTPd6CGtrpmuNm3VI&google_cver=1&google_push=ARnp8GBQdDtF1x7p_kRv2apmih3hMFN_hdo1BGbuGmjybPM8xCbpDhvbr2S5mTfL9Edtg7FkVCA9BqVxSVnTkN1_U0E6oxz2xTY HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMdooxDTPd6CGtrpmuNm3VI&google_push=ARnp8GBQdDtF1x7p_kRv2apmih3hMFN_hdo1BGbuGmjybPM8xCbpDhvbr2S5mTfL9Edtg7FkVCA9BqVxSVnTkN1_U0E6oxz2xTY&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1VOnNuJCwa4KxrdOmFdwAAAp8AAAAB&google_gid=CAESEMdooxDTPd6CGtrpmuNm3VI&google_push=ARnp8GBQdDtF1x7p_kRv2apmih3hMFN_hdo1BGbuGmjybPM8xCbpDhvbr2S5mTfL9Edtg7FkVCA9BqVxSVnTkN1_U0E6oxz2xTY&google_cver=1
Request Chain 275
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJDw2hcaSjp-EJGlPKx0fSU&google_cver=1&google_push=ARnp8GDtig-65qHLz_hmXreK3vofL2PXr08N5Is94coM4a8mmtKOT4_qFEKi6xrOHQudk5YAintSgDM8ugVFgmmkDSl9LlABCTM HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ARnp8GDtig-65qHLz_hmXreK3vofL2PXr08N5Is94coM4a8mmtKOT4_qFEKi6xrOHQudk5YAintSgDM8ugVFgmmkDSl9LlABCTM&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1655526714196 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-601a4669-80f4-4065-8603-713fdfecf478-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DARnp8GDtig-65qHLz_hmXreK3vofL2PXr08N5Is94coM4a8mmtKOT4_qFEKi6xrOHQudk5YAintSgDM8ugVFgmmkDSl9LlABCTM%26google_hm%3DA2AaRmmA9EBlhgNxP9_s9Hg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GDtig-65qHLz_hmXreK3vofL2PXr08N5Is94coM4a8mmtKOT4_qFEKi6xrOHQudk5YAintSgDM8ugVFgmmkDSl9LlABCTM&google_hm=A2AaRmmA9EBlhgNxP9_s9Hg
Request Chain 280
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120264& HTTP 302
  • https://tag.yieldoptimizer.com/ps/analytics?tc=576356007&pxid=120264&
Request Chain 281
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120265& HTTP 302
  • https://tag.yieldoptimizer.com/ps/analytics?tc=836210025&pxid=120265&
Request Chain 282
  • https://ad.doubleclick.net/ddm/activity/src=10568357;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1846322437 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=10568357;dc_pre=CPfV4M2VtvgCFYaNmgoda0wANA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1846322437 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CPfV4M2VtvgCFYaNmgoda0wANA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1846322437
Request Chain 285
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120264& HTTP 302
  • https://tag.yieldoptimizer.com/ps/analytics?tc=337339905&pxid=120264&
Request Chain 286
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120265& HTTP 302
  • https://tag.yieldoptimizer.com/ps/analytics?tc=317798839&pxid=120265&
Request Chain 287
  • https://ad.doubleclick.net/ddm/activity/src=10568357;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1405950402 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=10568357;dc_pre=CIvX4M2VtvgCFVTzmgod7iICDA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1405950402 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CIvX4M2VtvgCFVTzmgod7iICDA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1405950402
Request Chain 290
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120264& HTTP 302
  • https://tag.yieldoptimizer.com/ps/analytics?tc=224483398&pxid=120264&
Request Chain 291
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120265& HTTP 302
  • https://tag.yieldoptimizer.com/ps/analytics?tc=400165828&pxid=120265&
Request Chain 292
  • https://ad.doubleclick.net/ddm/activity/src=10568357;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1329071475 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=10568357;dc_pre=CMXa4M2VtvgCFY_WmgodOBsKHw;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1329071475 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CMXa4M2VtvgCFY_WmgodOBsKHw;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1329071475

384 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dengi.ua/
Redirect Chain
  • http://dengi.ua/
  • https://dengi.ua/
100 KB
24 KB
Document
General
Full URL
https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
3b5ca0e48d335653e3d092edecf97fae1394b1636aabeb3a195d79b2a577e345

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 04:31:57 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Sat, 18 Jun 2022 04:31:57 GMT
Location
https://dengi.ua/
Server
nginx
js
www.googletagmanager.com/gtag/
101 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-11903997-1
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23901faad9c2ce4cfb6697dedbf1569ef2ffefee4f58588063c84aee72060e37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39866
x-xss-protection
0
last-modified
Sat, 18 Jun 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 18 Jun 2022 04:31:51 GMT
loader2.js
cdn.admixer.net/scripts3/
176 KB
55 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-06-18T04:31:35+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 16 May 2022 12:35:25 GMT
holder.js
i.holder.com.ua/t/
9 KB
4 KB
Script
General
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Sun, 18 Jun 2023 04:31:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
165 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d406c433c3815efb8532ecdcd2f260abdc4cf92c334af4c8ddec25cf33ef4c91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56455
x-xss-protection
0
server
cafe
etag
8951489553976227848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 04:31:52 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/
152 KB
17 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2108979
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17210
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-2606e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4lYCJ%2Bgq3GXRL9FjiGst5pn53Aep50luYMMyZeK9eW9I9q7Q0qEvCFD5N61ytKO08XFu4ZWFDiIeIOWYVTbQFK6%2FVndgcM1Bu%2BalPXHGOP%2BxNt4eux5H%2F6pIs7ecwZCkjndkWPvnydnUN5gp9INa6yM"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d14c3d4867cc4e-ZRH
expires
Thu, 08 Jun 2023 04:31:51 GMT
owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/
3 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1903431
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
845
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-d17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WG4PtIF9Ij54buyLs4WXI2TV4AkChCQN7QKpV0KkJAR3NnU82qjZQ02hF2raMobfwuu1RZVLwOHaSfzhgCHMABM%2FVrYgZ4ju6Pflm7Hs0t%2F4Atg7vEi0EaIQ5g%2FncYVot3oc0%2BD56tiO2q%2FnnVGfKcYS"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d14c3d4868cc4e-ZRH
expires
Thu, 08 Jun 2023 04:31:51 GMT
sprite.min.css
dengi.ua/css/
275 B
418 B
Stylesheet
General
Full URL
https://dengi.ua/css/sprite.min.css
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
e58c753d0a3db639d4a0ba7f7f354994cc17633fe0d8f5da3220ca95d952309d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Wed, 30 Sep 2020 08:02:35 GMT
server
nginx
etag
W/"5f743b9b-113"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.min.css
dengi.ua/css/
41 KB
8 KB
Stylesheet
General
Full URL
https://dengi.ua/css/styles.min.css?10
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
acf0a7f4b2e838f23bb55dd85a45a62a30800810da73c2c8383d3380de227e2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 09:42:31 GMT
server
nginx
etag
W/"60b8a407-a252"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/
6 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.css
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
111778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2517
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpkv4cMFqw0Lxz1GTtjrP8ENL%2F5xlttr9v9Hm5v87FDE7nd2g5pDrUhuzcz6ixtNsCnOi%2FUnmhbYGaI2O9YfXMxopv89dNz1SeTLF4q6cR89ekq02JKfgpIHK2WUZFsPzxANg%2FTpYyobSAA%2BplYdZkwP"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d14c3d4869cc4e-ZRH
expires
Thu, 08 Jun 2023 04:31:51 GMT
common.css
dengi.ua/click/css/
571 B
437 B
Stylesheet
General
Full URL
https://dengi.ua/click/css/common.css?1
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Mon, 16 Mar 2020 13:55:41 GMT
server
nginx
etag
W/"5e6f855d-23b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-credentials
true
access-control-allow-headers
*
notice.css
dengi.ua/click/common/CookiesNotice/
945 B
635 B
Stylesheet
General
Full URL
https://dengi.ua/click/common/CookiesNotice/notice.css?3
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Wed, 15 Apr 2020 07:30:42 GMT
server
nginx
etag
W/"5e96b822-3b1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-credentials
true
access-control-allow-headers
*
custom.css
dengi.ua/a-custom/
1 KB
675 B
Stylesheet
General
Full URL
https://dengi.ua/a-custom/custom.css?25
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
8750955dc9849aa1f13a62c862aadd2ee900157be523740d6914a5a599182af3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Wed, 30 Sep 2020 08:02:35 GMT
server
nginx
etag
W/"5f743b9b-408"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
dengi.ua/img/
2 KB
2 KB
Image
General
Full URL
https://dengi.ua/img/logo.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
4fde05972e07818972ca37acd5fe202b748135be03d11ca6a8242769bd186bcb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-629"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
1577
expires
Thu, 31 Dec 2037 23:55:55 GMT
3x2.png
dengi.ua/img/
97 B
362 B
Image
General
Full URL
https://dengi.ua/img/3x2.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
b68a1ba91deb32619434087b6672ff157e24654bc1285d5a70ea9eeb01726e91

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-61"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
97
expires
Thu, 31 Dec 2037 23:55:55 GMT
1x1.png
upload.wikimedia.org/wikipedia/commons/c/ca/
95 B
1 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/c/ca/1x1.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 23:32:02 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
17989
x-cache-status
hit-front
x-cache
cp3065 miss, cp3061 hit/20309
server-timing
cache;desc="hit-front", host;desc="cp3061"
content-length
95
x-client-ip
2001:ac8:21:e::6
x-object-meta-sha1base36
1q4na1xj6topzln51tpzqqxtdtdwo9p
accept-ranges
bytes
last-modified
Sat, 04 Apr 2020 08:42:56 GMT
server
ATS/8.0.8
etag
71a50dbba44c78128b221b7df7bb51f1
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3730341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27748
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HnEODMibt%2BELZhFjPsrOmQqwNUoyIybbIiQytMX1hkhvi5UK3LTLrvwpzz%2BerMfX8bGUrc2cTyV9Wyihi7mAg6ILCETPtKD5L%2BjcTDFHje2a2Cz0GSq62wy9LpDaDOhSPOl5asUJRlFcbtEmezp1srZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d14c3e78ddcc4e-ZRH
expires
Thu, 08 Jun 2023 04:31:52 GMT
bootstrap.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/
77 KB
20 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.bundle.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
110214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19586
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-1332b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJic8%2BT6Tc3JfJip4X7AklnvBOuljA%2F%2B%2F9jA8umxa84JVJ%2Fi%2FH3NuJgu0YVtGsTTXl7EJ43%2FKXDImgCMlMKFNApqOsZTIVq5MUmfrMzj%2FxbJ7HrhwBCfn5T%2BMQ276J10oUeFn1p4twgDGNsH%2B5Z9jFxa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d14c3e88e5cc4e-ZRH
expires
Thu, 08 Jun 2023 04:31:52 GMT
jquery.lazy.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.10/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.10/jquery.lazy.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20775371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2092
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-139f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1L5GXE7M6Gqh8hS5yP8FFJhv6Pfnz4gJxYY3aLH55ClCA2u2HnqeHXXbGs2LXtXPLPOr6EvuL7T0mA81iCCffn%2FAZ%2FySyJC3UjXfXnshp%2Fk7TdeKojCjd6P7n7qHIbxjg1VDNh0mhSRFk22JrqnR2hs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d14c3e88e9cc4e-ZRH
expires
Thu, 08 Jun 2023 04:31:52 GMT
owl.carousel.min.js
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/
43 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5611430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10158
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-ad36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Zkz%2FVWliWgBxDA1VJCxfmGHxJDLXXNi5Fk%2Fg3tTfJp0a6xqFbceVMExkN871YZ99RmkgIOMXxImKjadU9eODUAe5jrSDj4IqAU8xWmgNuSouYty28P5BxPa9xi4P1DQWnLY4XcGk3u8rnHeP8z%2Bs8KW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d14c3e88ebcc4e-ZRH
expires
Thu, 08 Jun 2023 04:31:52 GMT
custom.js
dengi.ua/a-custom/
98 B
389 B
Script
General
Full URL
https://dengi.ua/a-custom/custom.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
6d15cb059fde6785b76e5613e4ee4407a1f07e339d40f1a1383b60eaec13ec92

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 14:04:14 GMT
server
nginx
etag
W/"5e87425e-62"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.min.js
dengi.ua/js/
6 KB
2 KB
Script
General
Full URL
https://dengi.ua/js/script.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
6cec0e38347b38f35dc946f2d2b435d9227e38b225ddec57e62261aced6bdb79

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 14:04:14 GMT
server
nginx
etag
W/"5e87425e-1906"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
on-ready-widget.js
dengi.ua/click/modules/content/js/
1 KB
732 B
Script
General
Full URL
https://dengi.ua/click/modules/content/js/on-ready-widget.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
10c5dd1eaabf5bbf1cbee087b83d068915e9d17bd19b0ae79f3786e035a6c09b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 14:03:20 GMT
server
nginx
etag
W/"5e874228-412"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
*
article-stat-v2.js
dengi.ua/click/js/
976 B
580 B
Script
General
Full URL
https://dengi.ua/click/js/article-stat-v2.js?8
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2019 05:26:10 GMT
server
nginx
etag
W/"5cc68af2-3d0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
*
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/
1 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6262519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbK1g7RMQwdthwsdKmuyD6KfDy7ELdRI8rowEm8qYPAa7ZHrusngsq5uRnqLAR2JF0V6dkO0VZqAFYdDeZXAHazhvn6TpvzR5WhdpMrD7wN66GN4k9f3cRuyoe78yPA4uUnOWPfThPwT57FIeLLWyF%2FV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d14c3e98f2cc4e-ZRH
expires
Thu, 08 Jun 2023 04:31:52 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
110482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1339
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bodEpv51h3JGaznR460lxHar7lixWwowmHj%2BDIk2oUl1V3G%2F3wHqtyhZQoXl17OwPbWGKWBYMwnNgh3sqZNCSZF7rlsq3nZvHzjUhXUNMHrPd55%2BJyphNTq0bCWWheQdPYvavWRr61yCDpX7X949UnRo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d14c3e98f3cc4e-ZRH
expires
Thu, 08 Jun 2023 04:31:52 GMT
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27236846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1763
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1483"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzrNYs5kMo7%2FDNS25gHnYHiRRe8zUkrNyd5nRbI5erv2rSXOTjyi60QxL6Bxnofi13QPcmowkUomNTJLwlSZMgvTyxBeQ2g10FK1rjl3%2F9zn6dKEEnFu0xr5geQtOp1EcU6uwOJ07ObCjs%2F0RQSG%2BXKY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71d14c3e98f4cc4e-ZRH
expires
Thu, 08 Jun 2023 04:31:52 GMT
common.js
dengi.ua/click/js/
3 KB
1001 B
Script
General
Full URL
https://dengi.ua/click/js/common.js?1
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Mon, 06 Jan 2020 10:11:50 GMT
server
nginx
etag
W/"5e1307e6-a00"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
*
user.js
dengi.ua/click/modules/user/js/
278 B
465 B
Script
General
Full URL
https://dengi.ua/click/modules/user/js/user.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
6939ea70c8ba34d1291f1c0469d399533f0b090a5078ceea7f317e06a1b1bf09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Thu, 12 Mar 2020 08:27:12 GMT
server
nginx
etag
W/"5e69f260-116"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
*
notice.js
dengi.ua/click/common/CookiesNotice/
648 B
489 B
Script
General
Full URL
https://dengi.ua/click/common/CookiesNotice/notice.js?2
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 13:24:19 GMT
server
nginx
etag
W/"5e42ab03-288"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
*
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11903997-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6165
date
Sat, 18 Jun 2022 02:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 18 Jun 2022 04:49:07 GMT
xgemius.js
gaua.hit.gemius.pl/
52 KB
14 KB
Script
General
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 16:52:19 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
14031
expires
Sat, 18 Jun 2022 16:31:52 GMT
e.js
cdn.umh.ua/libs/
6 KB
3 KB
Script
General
Full URL
https://cdn.umh.ua/libs/e.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block;
last-modified
Tue, 01 Mar 2022 15:54:34 GMT
server
nginx
etag
W/"621e41ba-16f4"
access-control-max-age
1728000
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER
expires
Sun, 19 Jun 2022 04:31:52 GMT
search.svg
dengi.ua/img/icons/
216 B
486 B
Image
General
Full URL
https://dengi.ua/img/icons/search.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
1306abec4b8ee8a93b580fe6c9aad3599a865964a352e7f4e7d7e4400c8c1c6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-d8"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
216
expires
Thu, 31 Dec 2037 23:55:55 GMT
user.svg
dengi.ua/img/icons/
228 B
498 B
Image
General
Full URL
https://dengi.ua/img/icons/user.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
89bc864825d33292d943d11957b9f3f987ac048786033e60ac6ac0c2bbe7b19c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-e4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
228
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Bold.ttf
dengi.ua/fonts/Roboto/
166 KB
167 KB
Font
General
Full URL
https://dengi.ua/fonts/Roboto/Roboto-Bold.ttf
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a

Request headers

Referer
https://dengi.ua/css/styles.min.css?10
Origin
https://dengi.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-2996c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://dengi.ua
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
170348
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Regular.ttf
dengi.ua/fonts/Roboto/
167 KB
168 KB
Font
General
Full URL
https://dengi.ua/fonts/Roboto/Roboto-Regular.ttf
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Request headers

Referer
https://dengi.ua/css/styles.min.css?10
Origin
https://dengi.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-29d08"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://dengi.ua
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
171272
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Medium.ttf
dengi.ua/fonts/Roboto/
168 KB
168 KB
Font
General
Full URL
https://dengi.ua/fonts/Roboto/Roboto-Medium.ttf
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836

Request headers

Referer
https://dengi.ua/css/styles.min.css?10
Origin
https://dengi.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-29e88"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://dengi.ua
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
171656
expires
Thu, 31 Dec 2037 23:55:55 GMT
page.php
www.facebook.com/plugins/ Frame 1A83
15 KB
9 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44d8a29337d8884e821cae4a34e53b03f5c63af3d9822ef602e41a660352b1b5
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sat, 18 Jun 2022 04:31:52 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma
no-cache
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
lvMKlLtjiE/L2fcx342Zf/jHXb763AFarYOPrPAh0gw/P4dSOe2pHoteHryobyBYMmUcx85+0lEojKcXYS/2rg==
x-fb-rlafr
0
x-xss-protection
0
sprite.png
dengi.ua/img/icons/
784 B
1 KB
Image
General
Full URL
https://dengi.ua/img/icons/sprite.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/sprite.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
14d56b0bb498f3ea550d0c97baffe43bb61175733e503c1a31dd4e6f744e736d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/sprite.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-310"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
784
expires
Thu, 31 Dec 2037 23:55:55 GMT
arr-left.svg
dengi.ua/img/icons/
161 B
431 B
Image
General
Full URL
https://dengi.ua/img/icons/arr-left.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
912f911aa605e91352bc8fe84466d20b3e4d95f40b57a6f4503344c85d541931

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-a1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
161
expires
Thu, 31 Dec 2037 23:55:55 GMT
arr-right.svg
dengi.ua/img/icons/
161 B
431 B
Image
General
Full URL
https://dengi.ua/img/icons/arr-right.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
56c24961aedbef6e5c5a17d918a7cf838d75ed2cadb67493d4aaaeaca9c18f78

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-a1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
161
expires
Thu, 31 Dec 2037 23:55:55 GMT
85139160dd3626996b59bfa8bd23066b-quality_70Xresize_crop_1Xallow_enlarge_0Xw_567Xh_378.jpg
dengi.ua/i/63/26/23/3/6326233/image_main/
17 KB
17 KB
Image
General
Full URL
https://dengi.ua/i/63/26/23/3/6326233/image_main/85139160dd3626996b59bfa8bd23066b-quality_70Xresize_crop_1Xallow_enlarge_0Xw_567Xh_378.jpg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c7a646d0e69f4566183d75261c74532e3eb5b75be8cb45a202618d57ca51d77e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Fri, 17 Jun 2022 13:53:45 GMT
server
nginx
etag
"62ac8769-449c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
17564
expires
Thu, 31 Dec 2037 23:55:55 GMT
ecf23c3fa47f62c079f74c1fbcfdd810-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
dengi.ua/i/63/26/37/0/6326370/image_main/
48 KB
48 KB
Image
General
Full URL
https://dengi.ua/i/63/26/37/0/6326370/image_main/ecf23c3fa47f62c079f74c1fbcfdd810-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
76d83e3086d32ed6fe091287ba45df3026f6e3302833a21577f9c488a8ec653c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Fri, 17 Jun 2022 16:11:51 GMT
server
nginx
etag
"62aca7c7-c0b7"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
49335
expires
Thu, 31 Dec 2037 23:55:55 GMT
8fa8190b6d69a5a26914fec259af5bbd-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
dengi.ua/i/63/26/33/9/6326339/image_main/
22 KB
22 KB
Image
General
Full URL
https://dengi.ua/i/63/26/33/9/6326339/image_main/8fa8190b6d69a5a26914fec259af5bbd-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
874623caa9d2444b43308de2a339ce94bb6af54178c9630f6f5ec31a478bc517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Fri, 17 Jun 2022 15:31:07 GMT
server
nginx
etag
"62ac9e3b-5786"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
22406
expires
Thu, 31 Dec 2037 23:55:55 GMT
b345037ada627b8c879952c0f8686dda-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
dengi.ua/i/63/26/30/7/6326307/image_main/
36 KB
37 KB
Image
General
Full URL
https://dengi.ua/i/63/26/30/7/6326307/image_main/b345037ada627b8c879952c0f8686dda-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
dcd9b5ebb5977f9fc11d2c8e3794483c407beb063712cd8fe9d6b523d2ed2faf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
last-modified
Fri, 17 Jun 2022 14:51:36 GMT
server
nginx
etag
"62ac94f8-9110"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
37136
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
c.bigmir.net/
130 B
421 B
Script
General
Full URL
https://c.bigmir.net/?o1&v147337&s145856&t6&c1&n471216&w0&y0&d24&r1600
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
fca8bf0f20c4995895c05df23122bff6e8e571c45d7794443f5927d60649cfed

Request headers

Referer
https://dengi.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:52 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1593202353&t=pageview&_s=1&dl=https%3A%2F%2Fdengi.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1083004399&gjid=1384614041&cid=1634419419.1655526712&tid=UA-11903997-1&_gid=1735230031.1655526712&_r=1&gtm=2ou6f0&z=1907459386
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dengi.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame 3A68
738 B
510 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 04:31:52 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc38
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/46506/
23 KB
8 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/46506/
75 KB
20 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
load
z.cdn.umh.ua/
2 KB
2 KB
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1380857846&div=zone_1380857846&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
1f1c8f1795dbbf629c8b2d0bb056f19a83843d15d3a48036e0cee5491e6c5685

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
1242
expires
-1
load
z.cdn.umh.ua/
42 B
367 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1294580464&div=zone_1294580464&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
bd6189087cad9d19fb214c8200364606a5dd73a4f8dc8690726ff774473b9cd4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/
921 B
971 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1159995315&div=zone_1159995315&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
d79de2ca577febf89000fd75858530071082febb0c190f9a413c7c8a32e36dc2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
620
expires
-1
load
z.cdn.umh.ua/
1 KB
1 KB
Script
General
Full URL
https://z.cdn.umh.ua/load?z=2056070941&div=zone_2056070941&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
3406b94f0f9a522566ba71a5022f33ad44ce94ff6c0fc92e51d5b43b37ee2195

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
745
expires
-1
load
z.cdn.umh.ua/
57 B
382 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1390205423&div=zone_1390205423&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
5b79c21d8f1c4efd78aa32cbcbc42fa0709305b7a75637af7f3cafa03dbfc174

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
57
expires
-1
load
z.cdn.umh.ua/
3 KB
2 KB
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1542284465&div=zone_1542284465&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
65c1eb70e8e4fa1ef5d90a0fd5e0d2965c5cbc61cb09706f5dca725cfea01ebd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
1338
expires
-1
load
z.cdn.umh.ua/
75 B
202 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=2046209506&div=zone_2046209506&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
0bdd41f689eb4e425bf3eff8db44c60932c88999e4f00a9b05309e5ae68adb10

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
load
z.cdn.umh.ua/
1 KB
940 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1198542071&div=zone_1198542071&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
d2f3afcb915897272d11b78d4fec7cc739a8abaab05fb4bbfcb28991c78e357a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
787
expires
-1
fpdata.js
gaua.hit.gemius.pl/
277 B
391 B
Script
General
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=dengi.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
880cd838bf06632fb7720bbfcc917feb8868a488ba28989ae0992b5d8bf7b58e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
277
expires
Mon, 18 Jul 2022 04:31:52 GMT
lsget.html
ls.hit.gemius.pl/ Frame B7A3
5 KB
3 KB
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
e354704588f56c7ab3837af35cfe1a4ee0494717682586a45df80ebe5c65523a

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2719
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:52 GMT
etag
PRIVATE7520710249
expires
Mon, 18 Jul 2022 04:31:52 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
uW5A-9M9qu_.css
static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ Frame 1A83
18 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/uW5A-9M9qu_.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
417dbce419383072377a955804304271ad17feb16889c06d05023898df3b6a49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wNfQQXzjcvSHi20fs+m+0w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4761
x-fb-rlafr
0
x-fb-debug
iWKKIkCgSDwdKQoG7+S6NO4As6RZZPyS7YyMJ6+mAL8RoK0lL5quBE5tP+xC3msU7vnVNLZbPm4vftj7VvFy1w==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 17 Jun 2023 14:50:12 GMT
main.js
go.rcvlink.com/static/ Frame 5EE2
6 KB
3 KB
Script
General
Full URL
https://go.rcvlink.com/static/main.js
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1380857846&div=zone_1380857846&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e8dcdf5dff373850306ae1bb9c886dbeb76540e57163f2124a52408fad73ec2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 21:45:12 GMT
server
nginx
etag
W/"622bc2e8-18d0"
content-type
application/javascript
cache-control
max-age=86400
expires
Sun, 19 Jun 2022 04:31:52 GMT
dengi.ua.1296110.js
jsc.idealmedia.io/d/e/
2 KB
1 KB
Script
General
Full URL
https://jsc.idealmedia.io/d/e/dengi.ua.1296110.js
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1159995315&div=zone_1159995315&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
472da821a9382665bbc3e14b8b15326045957bb473ee08cb2f89eeecb2ad70e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
VSACM2S9GWY3BT8B
cf-ray
71d14c4078f535bf-MAN
content-length
903
x-amz-id-2
FSZl2wSLy0xad/IJY/V9zphTrYooOZ+3xORGhxkncQdbbJw7unhhfGJzSUhtAQvs1zV7j0mKXkg=
last-modified
Wed, 08 Jun 2022 10:40:55 GMT
server
cloudflare
etag
"8cea713b7c1acb170d83a779849f70bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
UDTrKTJGGqDb9tZbI6DfPriROri1Hj8c
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 18 Jun 2022 07:31:52 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame 0FDC
738 B
396 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 04:31:52 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc38
collect
stats.g.doubleclick.net/j/
7 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11903997-1&cid=1634419419.1655526712&jid=1083004399&gjid=1384614041&_gid=1735230031.1655526712&_u=YEBAAUAAAAAAAC~&z=1726971881
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dengi.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 18 Jun 2022 04:31:52 GMT
content-type
text/plain
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
mwayss_invocation.min.js
ad.mox.tv/mox/
29 KB
10 KB
Script
General
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1198542071&div=zone_1198542071&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 18 Jun 2022 05:31:52 GMT
dengi.ua.1296110.es6.js
jsc.idealmedia.io/d/e/
249 KB
76 KB
Script
General
Full URL
https://jsc.idealmedia.io/d/e/dengi.ua.1296110.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/d/e/dengi.ua.1296110.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df82386e5e72d1afc038af67db01bf5c1c15ac1df46c8a714b750ef8f3b347b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
6KW5XGWH1EADB2HA
cf-ray
71d14c40d96335bf-MAN
content-length
77283
x-amz-id-2
DMHdSGXcXswRGQz2f0AS2JJmnG3FHvNi51BmiLIkVW5TY791+xq7HRL3JpnSiSj5OzmcAaDzhac=
last-modified
Wed, 15 Jun 2022 13:33:47 GMT
server
cloudflare
etag
"5fce9cbd0950818faef2e61cae60e874"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
LOTuol.PVCEKmYLBWXTwnhwnmVgfwKbU
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 18 Jun 2022 07:31:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=2056070941&div=zone_2056070941&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=997&pl=3&mi=4&me=8&hc=4&n=1655526712261&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=2971605606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e84ab0d57db91411f1d6b8c4e2314f10ff72ac1fedf78eaa941740bdeec141d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Origin
https://dengi.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51266
x-xss-protection
0
server
cafe
etag
5032175841326690450
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 04:31:52 GMT
rexdot.js
gaua.hit.gemius.pl/__/_1655526712469/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1655526712469/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua%2F...
  • https://gaua.hit.gemius.pl/__/_1655526712469/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua...
169 B
426 B
Script
General
Full URL
https://gaua.hit.gemius.pl/__/_1655526712469/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=4PTQxbnUul0w8gpg0tB2WbHyfIa2A1o_cklcEEjIJ9z.w7bCns7vSeUOMQOFdm4AHsLVszAO2Ww5FLxpN4pbosX0MbnT/zKWKYPszACpdr/&ltime=199&fpdata=uAN19l_74yw9tm_VdjdmzRhH9K1AcYCy7Qkw9_YJPXr.d7&fpcap=
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
5ebbe5a236f15eff9c9cc690d3b27921683e62cf9b9fcf52588e19ce394e5e77

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Fri, 17 Jun 2022 04:31:52 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1655526712469/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=4PTQxbnUul0w8gpg0tB2WbHyfIa2A1o_cklcEEjIJ9z.w7bCns7vSeUOMQOFdm4AHsLVszAO2Ww5FLxpN4pbosX0MbnT/zKWKYPszACpdr/&ltime=199&fpdata=uAN19l_74yw9tm_VdjdmzRhH9K1AcYCy7Qkw9_YJPXr.d7&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 17 Jun 2022 04:31:52 GMT
/
c.bigmir.net/
124 B
415 B
Script
General
Full URL
https://c.bigmir.net/?o1&v1630&s23&t6&c1&n538274&w0&y0&d24&r1600
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
799790a46451fd067e0c386d3ddddb943311950c1621d133f7260bdc08195017

Request headers

Referer
https://dengi.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:52 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11903997-1&cid=1634419419.1655526712&jid=1083004399&_u=YEBAAUAAAAAAAC~&z=1775000250
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11903997-1&cid=1634419419.1655526712&jid=1083004399&_u=YEBAAUAAAAAAAC~&z=1775000250
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
go.rcvlink.com/cs/1/ Frame 5EE2
34 B
237 B
Script
General
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
1e485f27fadd2d31d1418f59a2d716a207ffafd7e97f32c2347b088d555a5523

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b15
cache-control
private, max-age=315360000
expires
Tue, 15 Jun 2032 07:31:52 +0300
s
r.i.ua/
43 B
505 B
Image
General
Full URL
https://r.i.ua/s?u11&p0&n0.8691090784370603&c1&d24&w1600&h1200&rdengi.ua/
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, must-revalidate
cf-ray
71d14c41fb17360d-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
z
s.zmctrack.net/ Frame 0B01
50 KB
23 KB
XHR
General
Full URL
https://s.zmctrack.net/z
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
400cf89053b2a51dad6c86ddec939c27d56d619190d2e68b3dafc7860e1c1459

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23330
expires
Thu, 01 Jan 1970 00:00:01 GMT
s
h.holder.com.ua/
0
126 B
Script
General
Full URL
https://h.holder.com.ua/s?ta&b7275&c1&r36019705&dholder1294580464&hhttps%3A//dengi.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:52 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/
0
0
Script
General
Full URL
https://h.holder.com.ua/s?ta&bholder_300x100_4379&c1&r36019705&dholder1390205423&hhttps%3A//dengi.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:52 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
index
dengi.ua/click/content/show/
364 B
498 B
XHR
General
Full URL
https://dengi.ua/click/content/show/index?content_alias=currency_calc_data&cid=15&site=dengi&aid=1691282&template=right-currency&produced_url=%2F&send_options=&0.34600032493550903&_=1655526712122
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
d51d8bbb9f6b485d965653ff90dcd150aedf2fd7fed2c9cf8c58712fe8d5b918

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dengi.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
add-view
dengi.ua/click/articles/stat/
39 B
272 B
XHR
General
Full URL
https://dengi.ua/click/articles/stat/add-view?cid=15&site=dengi&aid=1691282&0.7757633761187235
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c24f37ff564a8fad4604b9fb74aac57958b6f0e3ae724595e726cdfbfdee11d7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dengi.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dengi.ua
access-control-allow-credentials
true
access-control-allow-headers
*
index
dengi.ua/click/content/show/
130 B
395 B
XHR
General
Full URL
https://dengi.ua/click/content/show/index?content_alias=onready_user_auth_templates&cid=15&site=dengi&aid=1691282&template=header-login-button&produced_url=%2F&send_options=&0.6999122114615011&_=1655526712123
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
dc7af645ced73024fc89f84cbb8c72a3eacd05a5daaa50c2b64f9091d5cdf18b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dengi.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
index
dengi.ua/click/content/show/
1 KB
767 B
XHR
General
Full URL
https://dengi.ua/click/content/show/index?content_alias=onready_user_auth_templates&cid=15&site=dengi&aid=1691282&template=modal-login&produced_url=%2F&send_options=&0.46347057962548677&_=1655526712124
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
53f04d9ce71520a466e682e4331b8e3f0e35fcb4e545d8c3c2d6c271515d4fd2

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dengi.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:58 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
iframe.htm
go.rcvlink.com/static/ Frame C549
17 KB
7 KB
Document
General
Full URL
https://go.rcvlink.com/static/iframe.htm
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e3b5d759ff9d75be634664fc1ae80f63318195ad6e7e40c0df9fd9e3e0ba43be

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 04:31:52 GMT
etag
W/"623db510-4430"
expires
Sun, 19 Jun 2022 04:31:52 GMT
last-modified
Fri, 25 Mar 2022 12:26:56 GMT
server
nginx
impress
ad.mox.tv/delivery/
18 KB
10 KB
XHR
General
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1557&height=300&width=400&tld=dengi.ua&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=dengi.ua&top_url=https%3A%2F%2Fdengi.ua%2F&domain=dengi.ua&url=https%3A%2F%2Fdengi.ua%2F&referrer=&async=1&uid=8307761033
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dd7909f7860ad301638209b00f4fd5c925cd52362aead8755a27be096eafed9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://dengi.ua
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
dsp.aspx
inv-nets.admixer.net/
222 B
675 B
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=5859888210399913&cpv=02515314-745a-f5c0-0276-88e842e5bc69&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2218d6509e-95a1-0ca6-3a58-196e64409d97%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fdengi.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22cee19f21-b076-ba35-0b5c-08eb1e47434a%22%2C%22tagid%22%3A%22b1a45f41-c850-4c1a-99ab-f9f20ac940a8%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer2046209506%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
11bb4124c16516b35cab2ab3e4503fd8748c11da10a6fe2784c8855b2953a1ac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:52 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
202
X-Xss-Protection
0
/
go.rcvlink.com/bdto/9ASamGVc3b/ Frame C549
4 KB
2 KB
XHR
General
Full URL
https://go.rcvlink.com/bdto/9ASamGVc3b/?cache=tp3b493auWby2x8&ver=220325-1426&w=320&h=0&vw=1600&ms=329.0&ref=https%3A%2F%2Fdengi.ua%2F
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
50186f885825a46441fe9dbb32d77b4985fbdb70974a98d8dd429f932f74d20c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Sat, 18 Jun 2022 04:31:52 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
*
hn
b20
cache-control
no-cache, no-store, no-transform, must-revalidate
content-type
application/json
expires
Sat, 18 Jun 2022 07:31:52 +0300
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ae4419a323092d86de141aa2cdfcdfc6573f32f9a22fc535182b96a31822d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122729
x-xss-protection
0
server
cafe
etag
17817371711773126683
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 04:31:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/ Frame DA2D
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
29764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 20:15:48 GMT
etag
8616628553774171045
expires
Fri, 01 Jul 2022 20:15:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/
15 KB
5 KB
Stylesheet
General
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
18297718
fly-request-id
01FMS77QYFR7T91A14VZPZC4YW
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
71d14c430fd30208-ZRH
achernar.min.js
ad.mox.tv/js/achernar/
11 KB
4 KB
Script
General
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 18 Jun 2022 05:31:52 GMT
prebid.js
ad.mox.tv/js/achernar/
237 KB
71 KB
Script
General
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Fri, 22 Apr 2022 10:13:13 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62627fb9-3b3ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 18 Jun 2022 05:31:52 GMT
gpt.js
www.googletagservices.com/tag/js/
81 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5248c8e706ec8be86fdad29e8929ca59b3789e9151377141695b905539cae130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27885
x-xss-protection
0
server
sffe
etag
"1248 / 889 of 1000 / last-modified: 1655503484"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Jun 2022 04:31:52 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/
132 KB
38 KB
Script
General
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
18297760
fly-request-id
01FMS76ETJSXZKGZGFZVHH4A5S
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
71d14c430fd50208-ZRH
mwayss_invocation.min.css
ad.mox.tv/mox/
3 KB
850 B
Stylesheet
General
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/
35 B
373 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
magic.png
bgstats.mox.tv/
0
66 B
Image
General
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
sync
ad.mediawayss.com/delivery/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=fffd3c99-88dd-4ec6-b918-8e6d19c113c8&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=fffd3c99-88dd-4ec6-b918-8e6d19c113c8&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D2ea85777-f46e-46db-b19b-c9d6e048...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=3f4d62ad-5538-4700-89e9-b9f0c59cca63&expires=30&ssp=prodoohmox&bsw_param=2ea85777-f46e-46db-b19b-c9d6e048b064&gdpr=0&gdpr_consent=
  • https://ad.mox.tv/delivery/sync?userid=2ea85777-f46e-46db-b19b-c9d6e048b064
  • https://ad.mediawayss.com/delivery/sync?userid=2ea85777-f46e-46db-b19b-c9d6e048b064&inner_redirect=1&inner_uuid=fffd3c99-88dd-4ec6-b918-8e6d19c113c8&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
0
0

4fa0a4b4b34a13abefc36d1dc8305ceb
st11.rcvlink.com/2/304/ Frame C549
16 KB
16 KB
Image
General
Full URL
https://st11.rcvlink.com/2/304/4fa0a4b4b34a13abefc36d1dc8305ceb
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
66af5d85560f25b8857229580d11c023509c32793df28162eca34790f007ea48

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
last-modified
Fri, 03 Jun 2022 09:50:28 GMT
server
nginx
etag
"6299d964-1bf89"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
16508
expires
Fri, 16 Sep 2022 04:31:52 GMT
dd012267-c569-4398-bf2d-e7a85006cfa5
https://dengi.ua/
0
0
Other
General
Full URL
blob:https://dengi.ua/dd012267-c569-4398-bf2d-e7a85006cfa5
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
f579c831-4d9f-49d9-a0f2-b891188eb983
https://dengi.ua/
245 B
0
Other
General
Full URL
blob:https://dengi.ua/f579c831-4d9f-49d9-a0f2-b891188eb983
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
gt.svg
go.rcvlink.com/img/ Frame C549
219 B
428 B
Image
General
Full URL
https://go.rcvlink.com/img/gt.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
56d1f1f3e5b1add4f774ea6c58dbb722abd040454ccc1cc1ce38e9fe98e9021d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
last-modified
Tue, 22 Jan 2019 19:51:29 GMT
server
nginx
etag
"5c477441-db"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
219
expires
Sat, 25 Jun 2022 04:31:52 GMT
logo160.png
go.rcvlink.com/img/ Frame C549
6 KB
6 KB
Image
General
Full URL
https://go.rcvlink.com/img/logo160.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
last-modified
Mon, 21 Jan 2019 15:07:51 GMT
server
nginx
etag
"5c45e047-1869"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6249
expires
Sat, 25 Jun 2022 04:31:52 GMT
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/46506/
28 KB
11 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:20 GMT
server
nginx
etag
W/"62824274-702f"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/46506/
42 KB
18 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:21 GMT
server
nginx
etag
W/"62824275-a793"
vary
Accept-Encoding
x-cached-since
2022-05-31T08:42:52+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 01 Jun 2023 08:42:52 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/46506/
13 KB
5 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:13 GMT
server
nginx
etag
W/"6282426d-326c"
vary
Accept-Encoding
x-cached-since
2022-05-31T08:42:52+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 01 Jun 2023 08:42:52 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/46506/
11 KB
4 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:12 GMT
server
nginx
etag
W/"6282426c-2a79"
vary
Accept-Encoding
x-cached-since
2022-05-31T08:42:54+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 01 Jun 2023 08:42:54 GMT
5927ef40e4a80e0040be.b.js
cdn.admixer.net/scripts3/46506/
215 KB
74 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:11 GMT
server
nginx
etag
W/"6282426b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:28+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
/
c.idealmedia.io/pv/
0
43 B
Script
General
Full URL
https://c.idealmedia.io/pv/?pv=5&cbuster=1655526712749296549246&uniqId=07a57&childs=1296171&lct=1655251200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fdengi.ua%2F&lu=https%3A%2F%2Fdengi.ua%2F&sessionId=62ad5539-0af41&pageView=1&pvid=1817514e5ad96db5d2c&site=466734&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/d/e/dengi.ua.1296110.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
71d14c42dad835bf-MAN
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
86de4981-613e-4c68-aae6-c07fefd9382c
https://dengi.ua/
1 KB
0
Media
General
Full URL
blob:https://dengi.ua/86de4981-613e-4c68-aae6-c07fefd9382c
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
im_logo_mini_43x20.svg
cdn.idealmedia.io/images/
1 KB
910 B
Image
General
Full URL
https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1498
x-amz-request-id
3SA83W05S2W4Z85D
x-amz-id-2
EQwUjjZH5/J1AoUGniBZGEkiEUxmp+6tPR7h9R/PsP/jaQ0R7MpIxXWHRa45BBWFUC3rlfR8op8=
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
etag
W/"ff394e3a03921d25c2f03e03046bf506"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-version-id
null
cf-ray
71d14c42eaea35bf-MAN
expires
Sat, 18 Jun 2022 08:31:52 GMT
1
servicer.idealmedia.io/1296110/
1022 B
784 B
Script
General
Full URL
https://servicer.idealmedia.io/1296110/1?pv=5&cbuster=1655526712821229868010&uniqId=07a57&childs=1296171&lct=1655251200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=320&h=250&cols=1&ref=&cxurl=https%3A%2F%2Fdengi.ua%2F&lu=https%3A%2F%2Fdengi.ua%2F&sessionId=62ad5539-0af41&pageView=1&pvid=1817514e5ad96db5d2c&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/d/e/dengi.ua.1296110.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f78f2725977ce58274bb51e4547a6dc692dbf03052eeab098d0f249c7b2837

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
71d14c434b3935bf-MAN
pubads_impl_2022061301.js
securepubads.g.doubleclick.net/gpt/
370 KB
126 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
aedd1b112e247314f7e990485858511f15d21e57885ee131e9e1a3fec0173d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 21:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128384
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 08:35:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 17 Jun 2023 21:31:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
453 B
821 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dengi.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9dc5eaf0ee09be94e860c4a570dbaf10aee89bd0c7480b59037f21aac62c1aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
184
x-xss-protection
0
expires
Sat, 18 Jun 2022 04:31:53 GMT
/
loadercdn.net/
0
170 B
Image
General
Full URL
https://loadercdn.net/?r=1&u=3fa47305e7d6195f&d=dengi.ua
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 18 Jun 2022 04:31:53 GMT
server
openresty
cookie.js
partner.googleadservices.com/gampad/
212 B
640 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dengi.ua&callback=_gfp_s_&client=ca-pub-3755662197386269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
48b048c91929694e52ef1d5eb05358ad72e428402af81d0c64c44daac06a0bb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=dengi.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dengi.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 59A0
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1655526712&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdengi.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712663&bpp=3&bdt=902&idt=274&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1914796011586&frm=20&pv=2&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=288
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
expires
Sat, 18 Jun 2022 04:31:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 62D2
75 KB
29 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cd57594a9006786b04705c4d20e7d35cd039a4107b54c7fedb3742050024228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
29826
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
expires
Sat, 18 Jun 2022 04:31:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9CE4
92 KB
32 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd718d22fff76ba478cd7cd1c603d82bb3217904717eacec1e5c5be8acc30339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32900
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
expires
Sat, 18 Jun 2022 04:31:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzU3ZTFkODk0MTY2MjBiMGVmYjZmYjJmOWRiM2U4YTkxLmpwZWc.webp
s-img.idealmedia.io/g/3864259/492x277/0x30x750x500/
30 KB
31 KB
Image
General
Full URL
https://s-img.idealmedia.io/g/3864259/492x277/0x30x750x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzU3ZTFkODk0MTY2MjBiMGVmYjZmYjJmOWRiM2U4YTkxLmpwZWc.webp?v=1655526712-L5UYB2suDObq-i1TnlEiimku74hFj_Ky6LHlVVA8E98
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc7d5c866f5fa13297461243c843c6bc60da7a8a81496dc4c13881308dbfc55

Request headers

Referer
https://dengi.ua/
Origin
https://dengi.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
cf-cache-status
HIT
last-modified
Mon, 28 Feb 2022 15:58:29 GMT
x-mg-request-uuid
25efab73-60d7-4e09-b68d-4ecc9bb89bd8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
71d14c44b9e554be-MAN
content-length
31194
server
cloudflare
expires
Sat, 18 Jun 2022 18:55:37 GMT
i.js
cm.idealmedia.io/
0
156 B
Script
General
Full URL
https://cm.idealmedia.io/i.js?&cbuster=1655526713000519485594
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/d/e/dengi.ua.1296110.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
cf-cache-status
MISS
last-modified
Sat, 18 Jun 2022 04:31:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
71d14c446c0335bf-MAN
content-length
0
counter.php
autocounter.idealmedia.io/autocreative/
0
50 B
Image
General
Full URL
https://autocounter.idealmedia.io/autocreative/counter.php?id=466734&pid=49126&referer=&cxurl=https://dengi.ua/&undefinedh2=qfhc2xK2KoQKzoip0ATWKkRgECLkbhqjWY10mOTk7KU*&cbuster=1655526713002115440513
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
71d14c446c0535bf-MAN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
i-noref.js
cm.idealmedia.io/ Frame C780
0
40 B
Script
General
Full URL
https://cm.idealmedia.io/i-noref.js?cbuster=1655526713018840046506
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/d/e/dengi.ua.1296110.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
cf-cache-status
MISS
last-modified
Sat, 18 Jun 2022 04:31:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
71d14c447c1535bf-MAN
content-length
0
truncated
/
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid.1.2.aspx
inv-nets.admixer.net/
42 B
498 B
XHR
General
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 18 Jun 2022 04:31:53 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://dengi.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=dengi.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dengi.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
17 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=550910179926182&correlator=95859083817238&eid=31067875%2C42531605%2C42531607%2C31064018&output=ldjh&gdfp_req=1&vrg=2022061301&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_dengi.ua_s_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=2254616760&sfv=1-0-38&ecs=20220618&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3Da44de461550e5dcf-22cc0568b6cd0083%3AT%3D1655526713%3ART%3D1655526713%3AS%3DALNI_Mb6g6Ih5UI3_pnu5QfSppvx3yMIrg&abxe=1&dt=1655526713191&lmt=1655526713&dlt=1655526711761&idt=1384&biw=1600&bih=1200&adxs=1050&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fdengi.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=true&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
83ef97b39d9221b3e23c06a2705419aac746054478314d30a2224cb0358d9746
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9678
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
17 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=550910179926182&correlator=95859083817238&eid=31067875%2C42531605%2C42531607%2C31064018&output=ldjh&gdfp_req=1&vrg=2022061301&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_dengi.ua_s_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=1883238811&sfv=1-0-38&ecs=20220618&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3Da44de461550e5dcf-22cc0568b6cd0083%3AT%3D1655526713%3ART%3D1655526713%3AS%3DALNI_Mb6g6Ih5UI3_pnu5QfSppvx3yMIrg&abxe=1&dt=1655526713195&lmt=1655526713&dlt=1655526711761&idt=1384&biw=1600&bih=1200&adxs=2250&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fdengi.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=true&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f930576dce334203146fda1a6ad0d97627ad51ac54baf30755a0cd660593f2f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9751
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
17 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=550910179926182&correlator=95859083817238&eid=31067875%2C42531605%2C42531607%2C31064018&output=ldjh&gdfp_req=1&vrg=2022061301&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Cdengi.ua_S_WW_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=2007843957&sfv=1-0-38&ecs=20220618&fsapi=false&sc=1&cookie=ID%3Da44de461550e5dcf-22cc0568b6cd0083%3AT%3D1655526713%3ART%3D1655526713%3AS%3DALNI_Mb6g6Ih5UI3_pnu5QfSppvx3yMIrg&abxe=1&dt=1655526713197&lmt=1655526713&dlt=1655526711761&idt=1384&biw=1600&bih=1200&adxs=3450&adys=1208&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fdengi.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=true&btvi=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b9f646bf7753af501baa9657f5311b0df4ae803be640db03fa04b9db6d48727c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9719
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
17 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=550910179926182&correlator=95859083817238&eid=31067875%2C42531605%2C42531607%2C31064018&output=ldjh&gdfp_req=1&vrg=2022061301&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Cdengi.ua_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=7&adks=1627408846&sfv=1-0-38&ecs=20220618&fsapi=false&prev_scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm146%26yb_tt%3Dtt1%26yb_ff%3D1%26yb_th%3D20%26yb_tm%3D31%26yb_wd%3D5&sc=1&cookie=ID%3Da44de461550e5dcf-22cc0568b6cd0083%3AT%3D1655526713%3ART%3D1655526713%3AS%3DALNI_Mb6g6Ih5UI3_pnu5QfSppvx3yMIrg&abxe=1&dt=1655526713198&lmt=1655526713&dlt=1655526711761&idt=1384&biw=1600&bih=1200&adxs=4650&adys=1208&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fdengi.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=true&btvi=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
20737ae9bf00b4b85a4097591d827e6b34590bc3a5409fedd61276d932f8741e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9620
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6F73
6 KB
4 KB
Document
General
Full URL
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
expires
Sun, 18 Jun 2023 04:31:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
z
s.zmctrack.net/ Frame 21AE
102 B
446 B
XHR
General
Full URL
https://s.zmctrack.net/z
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
1fc5b3f4a0461510af67792bc90c244c1536599e367b17cd444f40222bb59e66

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://dengi.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
truncated
/
287 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
mob-burger.svg
dengi.ua/img/icons/
199 B
469 B
Image
General
Full URL
https://dengi.ua/img/icons/mob-burger.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
f0d2d5c0d8373ea3e787c353abefebde3a345b06f99751afe27697519d3afc15

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:59 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-c7"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
199
expires
Thu, 31 Dec 2037 23:55:55 GMT
close-modal.svg
dengi.ua/img/icons/
269 B
539 B
Image
General
Full URL
https://dengi.ua/img/icons/close-modal.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
51c4526f6ab88ff68a7dd2400ed53f87949f63afe5a0a8694ad8cc082eef3805

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:59 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-10d"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
269
expires
Thu, 31 Dec 2037 23:55:55 GMT
google.svg
dengi.ua/img/icons/
438 B
708 B
Image
General
Full URL
https://dengi.ua/img/icons/google.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
0a790017591866b91ce60f012035ec6ade2b5e7e3e2e431942b88eb9faf89b62

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:59 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-1b6"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
438
expires
Thu, 31 Dec 2037 23:55:55 GMT
facebook.svg
dengi.ua/img/icons/
363 B
633 B
Image
General
Full URL
https://dengi.ua/img/icons/facebook.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
436c54643e77538c94951f6f91083ac11f8b194a8855c05de5ae0aaa93983842

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:59 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-16b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
363
expires
Thu, 31 Dec 2037 23:55:55 GMT
6070871638298769800
tpc.googlesyndication.com/daca_images/simgad/ Frame 62D2
76 KB
76 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/6070871638298769800
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09114f252f1c010f6bbfb43d633e52c953c5c5722b876b31a7416285e9407fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 11:07:11 GMT
x-content-type-options
nosniff
age
235482
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77542
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 23:57:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 15 Jun 2023 11:07:11 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 62D2
21 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:39:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:39:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 62D2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:56:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 62D2
137 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 04:31:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 62D2
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:49:40 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 62D2
31 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 19:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12864
x-xss-protection
0
server
cafe
etag
4287797001720200766
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 19:23:10 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 62D2
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvXLkOVWtYteVBcGEwuIPiamHuAyy0PbFauP5-Na3DvCy9s_CKBABIMbgi3lgu4aAgNAKoAHp9Iu_A8gBAqkC5a20rkmBtD6oAwHIA8kEqgTpAU_Qm5dqYzgU5O9Ay1Ph0nyzZg65Jjv-FQkJVr7LHFBZUAgVsddFASWttLTG0I92_m8EmzXaREoHeMMJcwCjZMFoF3iAFX_ULyfU9uOjQWKXr9mHlGaihGqBcR5_MBNSD8O0w0Z4k5U9UuwWsI9C7OGtc8tdMofinvZRdE9KbEv_2rxX3pAZf9LPAXsw2cErJYvoWOmRAVEuYqRr9NAjGjLpDoOzaWU82ol9C8kZKly9YXU8_D_P7xJw2DrXt9xzYjanQ6MwjA_xJLZxnFQdRdXUMoJGNHuwoxxJaf6MyQcPOdQipioZduTMwATLz5W70AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH5YDaP6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFELD0lAHSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=ylq7GotyKdA&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 18 Jun 2022 04:31:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 18 Jun 2022 04:31:53 GMT
fa287546e1d5bd0678894d5c227e456c.js
www.gstatic.com/mysidia/ Frame 9CE4
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 00:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4351
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 02:25:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 00:38:51 GMT
db2e47a9a3671f527cf86ca9ac22fc67.js
www.gstatic.com/mysidia/ Frame 9CE4
10 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/db2e47a9a3671f527cf86ca9ac22fc67.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 04:33:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4277
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 02:57:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 04:33:17 GMT
css
fonts.googleapis.com/ Frame 9CE4
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Jun 2022 04:20:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 18 Jun 2022 04:31:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Jun 2022 04:31:53 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 9CE4
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1009
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:15:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 9CE4
21 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:39:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:39:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 9CE4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:56:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9CE4
137 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 04:31:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 9CE4
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:49:40 GMT
6609dd9ea225b203b979e97d717528a7.js
www.gstatic.com/mysidia/ Frame 9CE4
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 07:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13085
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 02:25:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 15 Sep 2022 07:25:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 526A
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2950
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 03:42:43 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 526A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 04:31:53 GMT
expires
Sat, 18 Jun 2022 04:31:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 04:31:53 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
container.html
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FA8C
6 KB
3 KB
Document
General
Full URL
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
expires
Sun, 18 Jun 2023 04:31:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/
51 B
51 B
Image
General
Full URL
https://ad.mox.tv/delivery/tracking?hash=ZGwwODJKQmpNNVZDbWFBTURNTmlLK1c5RHJBQ2dRaGV4SW9BbExhbnpiSnpmK2FkMzBISUtnRUpDSmx4bWxnMHJaalhmalViRUtlVUdxcmRWdWlzSjJJUVQ3VnNZenZLZThmb0VUclcxRFRXZDV5MnRPTnZRemRZMzBaeVpOK2xWeWg5blovODdldDM3WU1BSk4zK0VZZ29CaFVqd3hWWVpndllPQmd4TUQwSWt6NjFXQzdVNkliQnBxVWdlbm5JeStqU21Ob2ttYlloTlhaamtkUlMveFFXZ0s0TGJOcW9rUDNHZWxjS29neVdXTlN0dVUvR1hjbXhLUUxQdGlwSg%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
truncated
/ Frame 62D2
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8d15fcc5c1a45bcadac4a7b531f682c32d081d4e5035ed16bbc156ad747d271

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
container.html
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1A2E
6 KB
3 KB
Document
General
Full URL
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
expires
Sun, 18 Jun 2023 04:31:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/
51 B
51 B
Image
General
Full URL
https://ad.mox.tv/delivery/tracking?hash=bUFCUnNtNUdzTEFZaTV4YmVESVNOdmMxV3lFd2k1NDBaZWhCWm1IaXNVV2duYVlsS1g0WlJMUzlBdWliU3ZlN1lNTGRRSFlYKy9VV24zZ1VKeVFueVhkbzVwaUVFVnRuWEhVQjQ4NmV3U2NYY082N3FsRytpZ09vbUIwakZPQmRLSVZ4MVplU2RzUk9GeUszWGNKdjcyWSt6QnpSNmJYZUZyYzV0UXo2RGRNdGhmMWRVWFBWcnhGUHZGeW4wYk9GY2VERkF6eGhRSWhKQVpBN2trbVAzK1FoV010UFZmTTh1cmRSaGtpd1J2TUFsaU1RemdMZVFteUV5TlhxSFdKRVY4ZGNabVF3L0ZJcDFIOE51Y0hnQXc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
adview
googleads.g.doubleclick.net/pagead/ Frame 9CE4
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEL0kOVWtYoDSBOeItgeoj7aYBJLyndpqy-6zhLgP7LbLlcYaEAEgxuCLeWC7hoCA0AqgAbWDlNcDyAEBqQLlrbSuSYG0PqgDAcgDywSqBOkBT9DiYUpbngG5uxhHeOECATI8XeODInpz-eLPiAncC_lQrH3B3zSprLgcpeXkwh59fp-h2bow7o1ZUH1nGisihmtZ-bG6cbQAcrM7Vm9CadosRzFlLZZpnQXsShGRmfMFIinKoqI2nHCWB0CQdn0z-Ga6vnStp5ICtoIZ3qr7uU2-T6UGmZy3nBIPT_usg2l0BT60VNBeGuAINWaAH1i8Lg8tEHHu_Zfc0HR25SmRu2cnQMKipNAVfdTXmymMBWrd9Siu4wrAn5M_6GIFw2Se3h287qB_l-cKX8bv0og88ncrpcVo39vM8V3ABOf2_9iGA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfU8KAqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ5YMQ0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=bR-1tzgbyzE&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 18 Jun 2022 04:31:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3909
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2950
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 03:42:43 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
container.html
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BECE
6 KB
3 KB
Document
General
Full URL
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
expires
Sun, 18 Jun 2023 04:31:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/
51 B
51 B
Image
General
Full URL
https://ad.mox.tv/delivery/tracking?hash=ZGtMdVlvbERkYUF1ZEJkMFN3TVNJUkpBWWNqQXhNa1hLNW9QL1ovQ01RYm1QSjZYWnI3cUlrZ0JMVmZ0NHlNZjdCaE5VcUFzMW5veGd4aDhzWnhlbmNWbTc3ckpyTWx6d2V1bFRLV0lROUVpNTFudExrL21lYTh0aUg1cUpnQzBYdkFKdmNpakNiWmZOR3lXL0IvMW41cTV5dGg5L1FyODFCMW9qY1hFY2M5bkVwdVZWVHcwOE92emlyNm9NSlJuVFFnZXZrNCtJRk81a2Qva0FSRitHd0thOU40YjNXNWlkYkNDc3dFQi9XRVRFUHpKS2NDK1lDbWg0SEFXTG4rRg%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 94E5
6 KB
3 KB
Document
General
Full URL
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
expires
Sun, 18 Jun 2023 04:31:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/
51 B
51 B
Image
General
Full URL
https://ad.mox.tv/delivery/tracking?hash=OFQrOU9HUUM1bkt2Q3V1RWdaWVpnYzZ5M0JWNTU4bHFYcXNpeEhXV2piZ3QxSlZsOVZ6S1RXc0J4NDBVZzdieXhhenRLeUlBUjMvSG9RRWExTHJKQXQ3ME1JbmhFL29MSzVhWlZVcHI1N0xwVGxXRDJBWDB2VjhKeW1OUHhZNENjV3NNSTViL0JXUE82cXFBSTZWNitkSzQvTzdEd0k3S013NHNuNlAwaFR3NW5WZVpvT2FwaDNPQStXaVZLZThkQWxTSUZMT3gxWmVGNmgydkt6ZkQ4emV1c2xOQk9oYXRFckdKS3k1TzRVWWVEaW1HQTBYT29tSzNDeEdYNWplV1FOMk9PUFlZTnlnTmdPZHY5eVVlWEE9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
truncated
/ Frame 9CE4
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bf9d8f60a4d205540802837f8ac5852158891ebdae4e7de33bd39bfe0476bdd

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3909
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 04:31:53 GMT
expires
Sat, 18 Jun 2022 04:31:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 04:31:53 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0A19
624 B
297 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUauIkB9-rg4sxL5Q4M85S-Kejn-uIPC2DsaxP6iUk41jtx6MdFqm_HQgsiHoMjd_lTwWqMMhat0WXVRfKGjgy7swADfkoq4NxfQRE1IWwthbxyOXbKFcRDJpyB1BxRcOk_JmUdWlXAC9mPElkOnh5unjntETiqQsyq7K6DdsoGfBeLzegnOQ-2ICR6UOiSi6-gm0yW
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1A2E
79 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHqp6K43ksDsmRoUgM4TwN47p0kE8ba1IALGA1evOFxy1BR75fi3eeoA8VvC-SYrz4zIC4P-Uscd7L23Nauac9GsXJxt-TrlRib_v6H-G2FLYpqxTIRA0B-r6q8MFLWjwAGkd-2jdqxt3wpLNiU8P5X5m6UA&dbm_d=AKAmf-CBg3EhqpxSp-XSRjNURb2mixHD6E7cANGIxXlzbCcGnTysKn0FOKC2h1a0jCc2wN3N99fEX76_Vte8iDgzrvTMU6Uo0lEff32W5m_3c6katYGApDvrId7UAOubT0VS78ZkHWloQ9tNhDmi3vxNZ88xtfwoheh9RJNLop3rjVDOC2tRdYEr_BKCB8cGcSbuIxV9StQk-cs0jhew4Ehji3_rvMONGYRzoJcs9WbGPKl8cIohPh336KYmReyBCQ12pptpgOpCO6GG8ZfiGPLhSKYvfOny06bZxAw6oWsyO6pcUn2ikJfy7yzZEGkBA5wG9fk7AmH2k9WqmdBFn3gyofR_WAwAuICxRe4Tt1Vo_raW2T33xZf-1HkcVRDGlZCL5SJ2fJUcjsCLOUR_CukffqPFl8KCQqoozxqm3b-Xt_OLbClW6VwLcajODM0whaOC63lM2TaKuSKNS4_Lg0FJSIxgEMp7ScLG6RlgiR8Wr9bp3UTzoKyeqUU_pbqsftnB4WVJIy4hB8wLuOeSz-isuXLtmZamGEjHUaJAYYpDCMptmaJS3brP95T0N0cAdqk_IUnRJ44Ke-wLtUA6e_BDESaB15a7E_c1f9jzX1NArZ3IJwPRTN3V044_87_YLsddUClkAB5zsEWH8VKb2kBGVTz_BXciYGe9RMePxYS5x9hJiBMBY5kghuwfYZvcdHQgAq3vyPHIlX9CH71dWzSXsokNz86TOlEuucocZMCCYksfOYxNZSQzeV_JstSxA3qDVj7kbMZtitAuLTDh76Tb5YyHtVneGBbdQ9deDXE9ughRubJNtI5iFAsTqNf5WrBWVUX-b1i2L_NiBQNiFYIsaUaJwP2cx3bBg5SbiKYf-VqJCUzylENXw5fuQAXA5e81JOon7xU0tG8cOvOsXnLxrGNKW4Ged1CUZ78ZsFs6hhuTUVvSB-UyINs7IwwTPvZx3iBP_i4HCA9jmmmP01jsuQWp_L5UaCPmOM6lEC3mbL7t9h1geEV4KvMhCtxxAdm9UKyBZFtySUa--FXKHaXstd0UMMn_yBDiPi-xCCAGiUKwbbGruK8vRs_3M_qKwAUAUQvURjVIV3Lne9W3_kxXbR-afKtpJPUIb5TR_gCbPq5XViidGdUsdzYsVfS7KvQHHi2-UXD4AAv7zLnop9-i4v_cT11-K_sZ04J0iKiYkNhiaoRDBjLWPTxvhyTGnxc4SOpSf0yprqyQQJKLKSyBdHOVioaGNrJvaQa8WAJWPuiu8pXz-P7_No2LieImAFzN5-cYjZOokas2jec6qEPYGVadSMv23ubCYnloav-8mzB4NgN8VbOYfcq33nTlDBdzTBqhxs6bMk5ys4W5FvwDI0iA3Ijf7vVM4VJ49qmupBLiOjpwWAYeEsbdP4gshZvlpxsda26QczUx7g7O5CtikPC-4Ddc9JHWr6KJ3yVn3j0qa_CI0vbeEkGnoYidn8eFZcQw_GDzcT5zlAJUze5RsAB-Q9Mq18r7yPPRjX2rU3GN5HiZmpq-oYECM-HMoOQTcnPfObl_XXTkkooBgFv0p5qvQPjSQW8zZO5k8zIg3D55Wkizmv8NLBExRKAP4FjTAPDUfZcFdiph-GJmDGIMDne7zUzYHO9AM__ztW2AHpbT7n3Bn5i28JEg-KBxMBWazYJVavrqR5XgX6xPi6B6WlxlANPXTKQtb8oDitnorYLQ4MDz_IdUk3oxsnbTHF6Rn4yWhzfVNNbg3Gz7egAa_SWFzYDEG7vQoNHuETHLaNXMxG3ovZFkTas4UeydTY5DoLhvNMtdv18xIcL7E6lr-fOIHbmBVrGO-wJDqFs5NIFwYnqgF2rczwxm7iI3H_b0UfziUB1jW72uNbyevDfrzgspMwSKHUJXaO4uUox2GpFx8iQxLhXG6ds8raDGyOKaMvlUl3HoO9S_H7GtCl3BByAHwRuNmPwAUIaw-tVczykbWeiUnnCv5DMXOgKMGtgC3jP7pMdWjwqL6ydwurjYSosz71EcaB6Nx_0Uu3bKg0adxpvMlaXrTWUyyBhSHmZALszXRj--bv7VTVGBK9AaWYXvUS4NTuceTc3ugI_QrYx88CCxRz3QNEYX9EaWyXZM7kHda1tAn-2uSXdoYcV5T2dRCdblRJle-73gITjeoaThCG2Aq_zrkWD3MI9LG8mQ6JDwQ_rAf_bL-31kdtSSPGSXbyAa4tVB6v_Ggc2py8Shi9wlLEL_8bEQBn1QlPo7J6ayOiuypCDB5R67ThJitXi2CmlZoc67EgTyirpUD4tU19szYT8fiyipT0i-GksSnkzQ4mdoPuK_l6ewTjHgu0RxwIZzaTk454mB_Nx_9XIvhO6INPxthMSjcIN31E9Yaxt9l5xlKy5bGLqcpyesjWw9VpZMmpgt8_6CYtj4aReC_i2nEOxkOIzr-aoWcYL22rgWZQOIb8eB6Luf_Vw-Nsx6kvuNIRO7TzkTEZ9Ayl3Yco4vKlqjwktGo1ai54OZHa4-Wk2cNX_538AVMP152UNH5tqkwBi6zb_FIhDzlpssXbPzcxnN7gp7XkX30s1-QN-A1d0vLnTpnW4_Yu3KKSv0nLgSzc8GdUTvK1piC0WRi4rduEX4TDsAD8yfdriqNekhsQ5c6NlwsLypDmadZxLrKp6UvGyA93ETmFCKGgY-q1gAFwSfX0rTMXMY9vmF_qfshkhD3nXsmg4qFn6ej3-1D8RGtitVqYCe0wwwxduJ4LKBS521gS2Df6Td1p_5NiPz_QI4IwFsCMcqe3aZpQHn88n7b1wsesnWW3eSmsBP_RbPN0i2dTwd7fmAYTKSA29gEMOfhLSCLsTc_Lyx8xMw-6O1dJ5YBZlsUyEZqzvJgJKUGdJMmjCTZWXiYrZYfD48gylTISd_It8dQMs7vn0691KdeKda9_woS34Lu-stqy6OQtS11q85REGG23622HUjU9v6XrphvEbXyOgqYA92NezWO4e6Y-DlUvREbgx6ygWVQitopnfBKkuidRG3g2T2Xf67CYCuGEP49UNF-mG0Lnz7LE8vSFkf4SjSlLP5XY4DkXNbTC-_XlGhanmVE9z7ZxFhEUUuXpLitgW-AIbpRdN5KdTgDcwSLmv9K5D6z4mkCBRzhIgTsYBvgHmCLDosg6Ng5KfFyasWBbiwgyeQIF8tp7ZG92wyVozRr8HOIsLPRFPpbFQxgiSSuWa0ugL-uAVrHLUvD1TG_eFsAILdP5Z4s6b1Y8r-WtjQm8WCWymXwujMlnAsS69Vtwp0vHN3Y_x9PSkKrQhjpxI7lLnVXVG9O1_IskYHVh-dGl5BShbQWn-maPh4lJAGMhVb9aBjqCjj&cid=CAASJeRou8gvRGQO-DPFkgBA15feRNFRehkhahabgi9Rd4fyMOTWj2w&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed06ba8767beb20b7a4d89c1efb2c15144f0bcf934a33784072bee77aeb7d80e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33717
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A2E
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CfzZTeAY4g-fTRC170psXxjj5M1_U1mWkxG_ruLhBtRJngE0rJKNwxSboTpuJkxaiUctjef8VUkLMfZCew2v30_DKiSmrKWSW__IbJIZk9h-vsQls
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 1A2E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:56:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A2E
137 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 04:31:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 1A2E
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:49:40 GMT
l
www.google.com/ads/measurement/ Frame 1A2E
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbCFYTdMhHH_J3wSmiE_tNMl_Hj9Y9VwPRDGHaLhIam38PfCHsqtS8WR87F0gqnEpYN7jB07Ucz5JIXRwCuFInFBF-5g
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame 672C
624 B
297 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1AhjTl9u2ATAB&v=APEucNVp88bvbOdLmvzgNPm59m1zg4kEBolnU2L3Q0PT0oUIyrSLwviOKh2Oh9PxKCnoaZdAIjmUtYb7Ph2jDmIyj9gpIAIXvx-4DekvfpT0jHczleMGJX6CBf2plK8q8o8S8Oa5BMPRCo7irFLtwSOgf2NFItHcdJlr_7OV4lCZ8SOD8fu8vTo
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame FA8C
61 KB
30 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvV_FWtRElRv2ASh-DzhqRKu5U6Q6MkXx2vAROSNhHEpy6JTPuzdtBkBztRB3KQyCrqBzgABOc6EJ5h0WZARqsGZR10oH7r0y3oM6-MhDvabZBcjxfuQE3gjV3HTH77MSp0POyoc9RdYyMGwWLq1mFAy33Fg&dbm_d=AKAmf-DuZ70V_zILK5P7rDfu2boP1Qd5LwLopukGxg-1blv3T6jUHtTLGTE5a-Y2R37mfZ_XKcz3Vh5em2mA2Ig4a5ogqOOFFg0n8dCaE1AB5fmkB7aWOq1TnlRyPjdI-XvdIVfEMekvziTxnR1_crybclTLeYdw7mLsmWi761wYKxRdm3nAbJMm120tKumKOYmo9dxTLNGQEiB3jtPr21e6o4rXUt7VHG_O2ea_EpHvqkYYAj7qzTQ6XM5y7tQ3EA1C4eAtDgbdrGxJO2Ihi9Om7_5d-Mg0fCRDmWvh6PAlX-y4g6Kxr5yI0-KnBh2SOiW2g_eYEtkDZK3lAUrGHm9UxpIzOSqtCgSoYbTNVYLMc3kCBg2LnhQLhkOgaHJ8bVhbHmLEvABFqZlF3A5vtZvenKxel9mjZYn4eMmwCWchtReok8q-buc5HueX09wa2BZxGLhCqsUqtoiF7FsNJ6-jeCAPl__x12Rh4DjgetaXOPHYZHN5QTTgOTyC6JD6dbwNjCe3AOkklwB7Ksk5w4dm4TDvM-4DIWWmaIEAO6wv-P7J5XoL2h-DwQ2x0QrXaOUyO_W2keZgwF8vlPrqMngR2Ip32Dx9CAUjX-6SVLIHjleSysWBmXIAMmPiRz6ttszolm7O10mUFuMKoWrMoDSaM36cW0d4nSwEuhIRjH4ZzJ9EPrJVg-mWwgW0P18ztd5_IvawsMjv1sutoClVv8mg3aXdNQLdp_OHA2DV3iET3cRw8aPRfezkbL-lW77T6thaCip7TNiZ0fdkJUvl4CGYG6OF6pk1S8_cD_st-YMisLEZxbrErOOOWO2I-l0rRRqqagXOuuWwsSZ6RZma5CNCbYFm9DoA_DDPqCa_-ZxMu56Pt9_GoHPRkqepbuFH-gt4ZUbplBvIQPqhDa5ILD7WkoF6Qmco_mn9EQUkFWJFS5Zl8u5ndMJT5DpMjGPT0Xyp-h28gN131wbsTlA7j2cxoD7L3DdJ_s2wdLKVV-3fpdJQ8YdOteOEx7WmNR5d6vZIqKGReMXGTfKVEFEEW4cuKkI-K6tltsC9i5q4BkwKWeBJtmhTDJiKl_BnxIbISKfWCjUGGkZorvzvQTWcA73HJyZlu6joyHvEmkobVZ1E66_Wd1h3nxiuIVhUuhFE7Db8k9mnvrgGcBkDDYAQQl46f7X_QFJk2mU74HjKiOL4uIk_6aBUQFtmW3c3nnwtwLnWymwA-HOjTUZ-9R_Xp2KMOBzEK3lKjFYNH3AgrCpveReqQ_p9HfnSbbo0cMVMHLgz69Qv79xMw6j1j2lTwOfdPY7gFgGm5bvrt99QG7DRj9zsr8j8aMxH4dWNdYq0cCXK_cqhj0Jt2K4Jq89eC8XihM3IcVkXsYLXA2seUvsdS2Kxy6CxiVnTXe0elmvkXZ4U6f6v5ayC_Ft4zB8Yet64Ryf2v4W4lwFv3y83tR6P8TGSeE-t07trVaIff3hF1wQ5OFx9-fP-ByfgiiqHKtjiNaWmrvMuSMYzQ9qkGWGFZ_Rzyn0BCBGl-ogzsdRUyapxuC-6YyTPbzwY6yJMSOA-M0dIhUZ4HsYYh6ONijdyc50QcbTtAu4MqNEdstU8ibEcgB5m9bYOLZ85VQMSW7Bru7WwdnTyb4YXPu3FpKjpMYIslYUfvgZIzUm-R25kQckmGTYXLOi28jpwJaR4876_p_erltDWA7YUQgF5wJmF-KIYtNGe0hm_9g7zFE__W-5cXvgD3mA9sbigwRnNA1FSfOQqZSljbCMnFjs8Rv6lwopDh3pG1BNr_N1GENQl01HGkRs4rMCNnTAXDsPZsXCRP7Q8jTm2iCLUL7gAY2trg1chr5STnLhBUCt4iYVr5RMR-py9PNToNnjS0azYQdPe6IzggDlnN1V2CxEoxuyT_-nKU1wQqF1p7WBkGwBbPcLuTf8OMhFNgvstG1YKt9W-xXivK9MLLRtKjaIzcFaBv4bh4cCpVkEjDPdimjPghsy7OKeXLuY-EnWlmo1ZyRHMzvVoYZyoDBnBM24zgmkm5wP8Givb4ZRKhwtkHbNvYDRb4lZZ9xzxO2JaOKfNfFhP947zBsdNQfhlK7MAxzFO-9k7u_DNJ7I3_GeU4eXD-mHflk-8zqF1jPQzOpfpng1DwUJ6VrczzARTIOWO3kLctC2Ey7NXgLrsg1mWPQ0knGRO0JaghD80cwT-2i0IOM7XLFBZS6qSkUO_Surd0MusxnyX3T6SrRlX4pE8Ti9puw2ZPHYI8jbkXYZnz_Qd8j7MG4RInq-z7fvdqJWdpPks9CUypJqn9A9XxQ7OgBQt53PSxZL3_0KuBUvu2olSvKE7CZ_YLqAnRDHQjbXFXfqd8Di8cGVD7_vv1oZ3gipRyHV1xtBw7siUodi0aFYt-9Y4gEqdwTatM-OO0IJsyyvasj0EV6Kc-p4jzVM6xlrtewT7Yf2gFyy1xKKfAiS8yeYPB532susCIeSXyetmI6BC5lCe-t_7MuNkd6_9oC4c4eoYr2hQ0jp7pwUdqxfes1KiARh6ehaRTmgtmT1m4i1TZHMs9QKXrfeslGllPFwqDOGP5hhroj0IdD1fQ_sGAKXFN2NBL12qho3pX1X-e8idq3uNwhtNbTE-ZSLisv_P5_rSHxuEDyMeDPMc7ygtZj2Q4WR-Zbut--AwW_XVjXluiiIQHzAuAnhyg4bbanRtAhP1VyV3AQ2MIgDZF5-i-MgLcuASgd2FN8mDyDH7SeAIlamIZ9hCelStCw88HUiKQ3dhwl-yNPZiqGNnuYtSmtlCVFoHI6o5nZTr-hKd3L5c69UTd4kRn_cHRdDGf8l6wqsOOsNmuNvAmC6p92bn7MsQfHBxmbK8kb-f3_bntqWRfmoVyW3EifWendcTNqBE97SPuG1EZ7hkzOzoIr2MJ-PRxk-ahR2mvkSpz1Rspw230gm4WIUIe_5KXZYhCupSdk7LLVZd44MuSS0cvWxCQIYsOBylElu6vBzUSuCNv7fuCVmufg7bEAutwO_imYuGOZ43LHjhzipME1XUvP5uOxxeTZdswHSjczINUYtVgULoyN2BUxS-yQrJ7UIh8IqgM6yMez2pLLW_SMVoNzDXlGcbKBQ-Oo7okkX9JrvcT3DOEBj5vxcyJ7IyixJZw0qdtWin2BrCmxm-iKiJgIT6otrD8zMoHP70e2SdIZsniIyfm788-Ey3goPX1h2Bdq-yKgzPvzEbEQ6CRKzjc0yFRxcte-X3GpnnsyuSUgHWqTpQ2jostS9O9rG8Yt9uKkbDPordOUTfp9GNFcBnCqlDQB_hBr1SXa0ifrkEsUh6TNITFmeaswHQfL_iFzhk56odDlctzmVdKEzPh5HU6NOCBIUQ738qiJCXUOnvv649zBNQTrYH4K6Gu_RmWMrz-gUh3XwFVRvaYnboxN1DuFMxLQgB9y01Wbi4wcg-2GudgVD2I67Xh4EJ2WHzloU-TqAczA-GpSfVUY-OYUy7f5vsPo_dbbJtiypEyHu73vlsB_jjNBg_tc54HNgr-5mSOJZ5ExBbz2hfRXLW10K3m9TSoNYR3p7HJhwC5h4eKGEpz5axK-tCPTT0cE0&cid=CAASJeRocZoHHWsl-dbNjwgHkdipg12sgGUVa6_8QRpYcbHyjn-1vH0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98c35e09d34e200679b0eb068a09d628a4175bf6e49878a917226d7ce6a65045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA8C
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BUED5nZzYHYX7miy7QFmHx11O2tA7hKXt_1N4GEwcK05quYsEk4lPhfVRimLScZoXiOl4FpbvcB2i8Y4e-_KA9-dvHx2ZRVsYlrOX3mzsYZAa0_o0
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame FA8C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:56:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FA8C
137 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 04:31:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame FA8C
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:49:40 GMT
l
www.google.com/ads/measurement/ Frame FA8C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSn2p8MoWv8vXVIoPNl1Ik8StTenEmahULJbVztNsGOqf5_OM1ABYpqLasLg6GzSjtxWoUt8jENJlBglsOVEQFGMzUu4Q
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame 2193
640 B
316 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNW7S2RQDMBX7ldVqSSt7RwfZkkWgShCy2D2Swtyhs7-7evlSlIWulvQQx39pYbwvLQwq268utabJUVvlzHUcHFj7DF2EmMw9sEeO2DDU1TYH6ZwIvNxItXTCtGrBYO0Bgz2NW3ySTqEA3s-qAsbkxxwp3k2Th8vOeKfRChdmV7cthvdmLA
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame BECE
79 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DExaPSaJRdoEU_BMUY9meB_PHdLJZZuK-B14C9hwjCeXRS_MgCO9pmP7RTDH6K_NwC09-c4eSgGAAXdoclzJfWAgIWMQTV_Wa6LFBOXpIv3u8DHIXNkoZClmbLZ1qYfFzmFSE9MoxN3pzQ3rtPeumnlHqk-w&dbm_d=AKAmf-AjPRyog-6BkaIAwjDsJjBFL9wqu7lUJpul35vnwXQJ6olNyph2bBGEo7fq0YrXjwynyqXcUJTYh9UyCNT0eghMnUjJ53MTacey2eLc1YMiPEOEP-Fe6TD8cJ1XYXJioERLA8fgEbl8xpm6EWynUYHUby3OMlTAQsKobXFPMDRcViC7nuJsZqXKywKzcFuJBlUobI0VPbunBMrEfYFTmyiWD4P_PvS8eCHIZhnk3jTzvovky4uxlz0lXcBVb-cthnM4sRuZyZmje4V87QCp0NHw-lC61wBYUu8fxt9G7TduijVBfOMCcRyuhyYNBpgbdphbIz41AcfaPJnfETO1RZlWBY69NYyxIOSk7EsavWbgjVgi0JuamSThsxeUtBd10rL9Y1sQw1Qikhp0dr0i1N5B4c1JKo2Vf7or_U4OV5He5T0kuqdVRuDIxpAVVAz_Q_nTg5GtoYLlOM2MVNN42eqOWYPML6_iTTsMfSVNnltJRRX6HcyKUQQmQ97ZPg1CWZZya_bCs2RDjfHbaJPdXZiGXP8GIOnxtLdZ6N3PgW6T_4zYPVo1X9EihcYwWjADH5hD0Nx7lUWndWRZSp5S03M_Kn55FRvBS547zblxba3rGn0bLQg8y2N1HcwynrpBtW2c1wAG5fmQPuPgBNPk9px-4WYCiYjlkOQLOyL9l_aF6RNxfxHqm7uah19PhGA69t_Rk8faja7rWuXeTy0_YH6phdacxqsRiAEmJp1nTjmwa374a0AfGnhujB_4wzvrJT57y68eiK6kxrydaBuzzyovdLiXH1Mw--pwXyI-LyU5hp1bvkA5s8F-Zd1UqAW8izBlnE4bNxL8ZsMJ8TGmEEg0VuLylSirxe2WliZaoqY6_GMhMwblK033ZDAtPw9_vpIal7-FyqdklrCJXYQZ2nqT0v4hAWWa6IsvWbqwPPRqIeoctGHykBnii1Pa673Fn4XJTOpZIPK8ftwoo0h20Y4q5hC2xiLyr6njSimJVbG2C4xePV64I3Y7OjucADTwVbLYPvrYsoqvAPzs7Q6uttsv_beAwy6IVI1AK1tDE2nJkxaSREqe-2u6H5_kofGChXfGMHpAI1PR2lecK-QJ7IVUROXZTZdBGM9MvsAMEK7k3gPQx2njk2yGNgIZGriLuvfQmCI1A2vFXRw1fRIQ1Zcdk32Nzq8AX6o_rcvycmByfkHOgZVROHjEG7Zg7G4Nvt4apEkni5f4ga9Y2MmHMyQBnFNcdINPReoI8dW6pggU53Yvgz_ciuL3b0tlOtCgItZG9biOFfEcT7qeILCc9ZVLaM00JwoktgkfKM-ekbrPcH-T0fa3PaNK7f1_BLd0XhDmmAIcG9sdM5JxvMuGTVn_WCpCFV7a1YQ0hgav5ktQr5CQMa7V535BzIwzmSMZdk8zirncgA96FqjRB1t4Ma5TxOc7LuS9TG_1lZ2-7XUFEhYfjq3lNNBH4NySOqtwQYO0IZxaVuhrezExarCJIzHWfTz1e_ljN1iZGNTYx-va5vpZq74w6A-PH4xz5SLw5Q9hr2BhUELolYKCKMfVHEvl6HPqzHzj322Vn5RwlhTvHD2NcvMgae-5Pr_qDkciWK8Ssf-YM9zBR_USaYE1Gf9xY1pPlNC7wR0YwraPrOBXGDxXhbYwoc3WnE2M_IQ-qH35jjTBNAE8TUiLS_xSjOtvITg-HhkCbtZt8nmpMuadsXEw4ZVGaep0traboDEw27F4ibIBJ6TLyLIOIgd09u7xdrkcOyovSay667vvWrjA4lQ9B4RfNfY7ywxUCH3WaDiwUfGLF98-Q_K1qRl05qm98BuWfSpcA--8dOwsaAGBYRPlNMZQNq2rNZMw0ONENiGOhJI4D9GEr-hDuZdsxDcUTnux7V06KFW946JYhuflPRD1BU7wirjsEMh97ZV7Xdle9S6yKZUQeMw9XskgBJdO0eJhbHGgCvrlB38rc-hy-3EBqPdLBuRKjXWsVKi38_J9k1UA_jnKZAVOMd7xs7ozeEYUxEgeZUBRdT3LQKQvum4IJ-pR5QhhC-YxLqBa7ugY2FK_sbpeUyWozJ-AZJMoNXnsEa60PKh0Lf5Y5pue4gwAZ5YvJFBveNVq5ie82zEfjme5zFxhZ3I1s0Tp4HU-AD-C6NZoNTcvdTgaW0iazukpbCybpuiMCTNaQUkvjg1e-E8LVMKHDhvfPzr-pIhZRgpcyEyrPeNYtfKGqfkJiUL3bbehZrrUcNhQ8YY1QMtrywTimDAy12cvypT_ErFQZpgSC2b44QUqs8Mb0FQLPktZIl--SIbxe4wQGWG9K80w4XDwBKn_rovuV_SospH35fhuWlzQo2fQ4FHFkH0i6goWMB8m7dNa230h81IvIrWLW0DjgdPrqpu_-V0f-6RliWWCYE_iZSZ18efUeYC12yjwBurgvJwbE_SypXZaj6jWzElwrMNbIuU0nAWLAf2tKu2KTHVQ3JiIdnwzAC4oGsIDHND9NPdmt8-iYRFAHB-j9Ggm-srh9ORKsh5U5Jf3MUpfXuNiFYC0MLN1Rj7lRyiShfL9haZss2qxegGCGpG-YEojJaxeiEv0q2s4iG21IduwO08YhhpwHxpr42ntbgTb4dRrCVYjyEN1y2obhXndHBkAm9gfgw-w4wZZa-4G2f68TKI_1KVL-vw-tGpFsvJq_w4M13L09YmE0KMJ_5HzE6cLE3UbyKkwskmgcfAJUjAY_yqG7v9rJzpasL9n73uJrcztWd0jZ1f5VHrWD4-G4Yip56BJRK2ayD1Wn0FhB6ZmjPQF9JPhiMHh3FnlNpMVDr-wed7u1TdyeKm2wgrr8SP15bjZhLKAhBRifWcXldJecpnP7-pwjReUTWFB1DvaWkrdhrkoO7ucus8h9AG0DezC4c-9dGgImylYbA09mjHm3tY7GfA3nqePU5BiurIS5_Qn-KPQ67oZz_f8VJIdLpFeo8iqnKkYtSL3Re7PmzIhq_1Y3XCzlKyiUaxFkX4zc__JvDc2TAIGIFzfKdkkvRfShNpXOY6eKsqK065jgz2EzAtfwSMgakEXyIR-VaAFw2OuLg6woUL5QsvxiSMRKX2oypCZVFBODCrH0aEfDRjuMPVBB1utuGk1p8CCPzGMW6_xNVrLiKPRot-vMdOhRip9JlfjT0_78lvUB1TYQ1a7E5xeu05Lyw5wqCRcUrxbYp07zOh7rNW7nOJ3Xq4Fn7NaKsLJdWiBO9qIG1jrhzKulRXx7RhWW0_1AT9NkkwZE3ZcZnc15Dj5eM_Bd0klB3qMJK1Jc-C7B9-wNm1-8_zCys8I7o9gQaTDmu5nrcr103pGEHvq4aQL0pgP-DLgtnhQ&cid=CAASJeRooAkLZyY11lfRVEmjguofIIpWos6XmqVGbUNfdA5QNegZPO0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
279e1a607d6090b9a80a5928735be3a36826df15dbaa78784f7e720619137454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33570
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BECE
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPothA5NW5cPEgf777QpzsW1f-cm3IPDok1eB5fs7TV1SVHg8zadsxEfgHvBXy70M3a2sbhbSlIFy2_7WM_KNlKG1uel9DtYwxyBb40hZVbnsfbbY
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame BECE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:56:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BECE
137 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 04:31:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame BECE
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:49:40 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EA13
586 B
315 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUedgiNRTYKMvURr-IG7WvHcSF39GuI_yceK5FzDqKeZj5BfAvdM9uvlwIitChQIPop5orZNyUFORrGH1ZqxNjd5sMwvZEiNwC-bvwp9YCT5rvfTXx1rfRSrY5jEV4JNYmCU_A6w7UR65GFBQ0PJXIl9Zt7U1ilDb01Put1Y7pq-Dl1XMI
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
294
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 94E5
79 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCIURpoq34J5qZ5Wyai8o-IBR3D6FF4B9euFnE9UjHXcbSt7seFkqFDWLgTfe_rR4RMct-3ExiXWP9ofoyCS0ikfnorGFDGV1qz7ZNE0EYY4Ez1Q2cR3Yr97pqCI8udREX8_fs3NnI8ydCFe9l8oaawegP5Q&dbm_d=AKAmf-DzgO2ptKsWk267rMnxRFYdYW9HXbTSq27BzL7d1ljzWnCI299BXgatUZWVNueTLwZ_QBNK4QS0Kfm8hsTgFpwzcGL7waD3UqRBsmMRJ3RRGVuwR2QGQmPhVKreY2pF11mnUJZM7Mig1828QLVc6x4ZkZcRDd5PZwk0MIE9c52V1aXa2XrS7WGV9rpgSDFdKHWa4MtLNfyQv-inZJu86WYzFFV3xlBWdIng4NNg8UroFQkoWFPuxdDgaqmL0uNhj1FmJB2NcDxP4TTpZLnITOM83UEjOUpYneKFvcPACIQdqInBVxTN1ufXZL6zv56vfNEqQM3M9_-Bopguh4_HWOsBew1mBESnT4dL9EZ6DSaJT5CTa-ObAOwGCHBV81MXZivlbPo76718W1WuD4uxrN7nV-nT0nAJhh2iRj8YWqwW5F0TrH8WmEZvPbjkCC5M2Jc7iqKVivi2JIS9zG_4rj0RYgiH3D7JQ3L4SxNAI5s1Ci8OlUJdieI9O6ANABfUuWWfrPIe7dSHuYjNXlyqgH5HgPSjSkEsB03Fh-aB8lt1ca9P8n7L8wNUqkgAp8L7CS-C6UgrUIYja2CMy99AV8JdoQyRZcNZSyAQ6ZrTPGimbRKyVtnZ23YUuvFqhKOLiqm5RNf_2JbRIRdyypQHR1AiBD4ajpLLVdPdMi0Xc8DkbVq9pks8-7RM1FsluMYPjp26M5ugxN1O8395HMZsAFo2ialUJHoEvZH849xEQcoNgE0CEveQSMcxVh-EjOYE6Lwr0kG4--zygHszqaGKVTCI1z8b7zlI_cvMlaJE__N6Shoj0Ie3Bm1gjA__xEarkycvvskDWNy-Q97LknRssh9ylMc7EWugN3TIpqVPrPChw4xCgA-qoybpGqtqb-E6tP5zWez9GSzcJYeZfHtJofZSeQcekbq5n-o9U3Jf7UJ-ttSd55P488UXZc2PFwk3iO1Q3kHOf4sPRjT4iMF25jSNlYq-BSp4tk_rAZgmFyPvZUFMzrlk2juvIV8g8-O8rLcYfnHpsnYVueGioeK3YvdPKoBWp2rpIi_tJInfQaYEjDB98F0amFmenm8MLYAc0McysRwjjncTitWLzF2zhRkhVxSV-wqcRPeD5YVaaTf86QWwANw4dMijget-pM0rQAOAOM5Aa_hfLhkX5RFEMUZ9RNK4AXaod0oQPfVxtZUuHux8-0oBsW_zF3yJwUy1X7AM-lSXf77zm8wtRy2YpZ8BTtTesN_FJr8sT958JE6nK96w0AFErB59ut8u70xegu9hqoxHBsY3CWDMKGNzH23gRxmshl0vZUvgGoRiTdWzmXsSBfAq_OOFpH3AI8GYQ_14UUm-tkQXHPOgWnm39Iumwl2k3IJIsnytn6t5pVEg0n58DjUz-uVjw3X99HsiH7hp00YxYG18RXjlrTu-jDh4F9aECXoYNk4S2_P37tO1jDi7-cV6h2ITq2rXHoGvkDvlF5D1kksKMcT5A8ebieA9mT6EPK6BcvgNTt8nxr7oy829LMWUbphPaKPzoOab12CJAaW15FDZHbC1mWFzeFE0LkH1eV2K0mJ6XU0DgvoTcnIqdcbtqQuw9hqbs6Tl4v4GO1Ia1LYxmzPhFb4Xh3CR4QZ6EJNDQHlpA9LqgJ0Y6egIOugbXGZGkdHfG0T2tajxDVWlyM-91Na2EOJQ0Z7E33bDiAdqRpoqzHg0mVpDZ0IbZGOclXUAVFs9eNXgNLd9apqhvOZcpmFtnW2xj25KAcQTk4jVMU3kSaLBUi577Nqsc2JTOrpchinPLep6qG4exMfDtwyDtMusB7iC82cKY9PRKXz3TUUMcbfvaeZ6bwTj8YhfLWWirnRfZSyr2ed5b5nOc8D7av_7Mv6cKRW-oaZsvi9dBSPzFkWNO0cag0G4s1nZodJyqcjifS8qqZO5U1rlFUkTGawl7cyqxTsTQVtgQfgzwbfZHCqL5hcHQvVGgd0oXRl9RPLZbJWuBqUsBKv0DriTKHsRGvQYQ5EMpkuiqcyR90hmXZ9QZZGk_XXTTk6cScXdAP0gcPEEOmf4PeX02dHs1-gtfrHx-fMpGV5DJVOCKiWuCnZihpCSDCzBZcHCmmU8XFpia0KwOUlw0BjPiTqHwBhAZUqRCRNLbPQxY_NOQapKlIa5KvXWN3JHgW5mOjo1wlcwIB6mAvlLuT-KiofLTr9g_MhZ2_sgBTe3Lav6hNVznSv5ixRKHjKwJdDK0L142U4xozuJaHWSyOw2JvYxChT7wBYOEdAQE0G1T-d00MCwbiu9DQbV_f5omBmkR3ki9bzbElDnMuxZPVZpAEJoQxxS--hHUNiLnHZ3trveGcQ5XUl3KYvhui3ivlS65GyeBWkcrhtySxIP8G_5p8XKK8cxwb3SKUmxqpT6Zt_MAyES_XBlznbpA8sx7M0j_G9qcKxGqKbjXnvo_uqEhiH-V38xDI5sQjlOyibNsn2ggIxQCq9n0B7eLrf0grQ2J4qYHzUmqCTICTyZch0G7wVo3JR-tAmjka0S6AdYumcU1jpk3pP4m_dUAMHAYbkOeFVGctrJXBviq5h5cOpLvnZOMp8Qd0bna00KOdhqFJH-69-S1xN88Al7OS-kUzHJNAzTNXIXYs2Vx2_IfXlIHObyOLdJHm4tnS9rlLmfSmtFVMmyQXwr1X6-caIPyEku-Vs91LEnEkuPTYsgkLcZJ2jUnCS4xj68VQO3pVkc7eoiHs4iBF6riANCXzNPHMjpbyZwA5MGv7eXqcfXjj0PTrOaW2vysSRIV7Tr8V4PhyOO4sCuyzRl_sNeN8wurv4GeuLh9Or5dq0Yjk9KT484B_QkAaTbyL4yeXv4e7Omo6KjMWSlRXw-QsmdEfsOZ3_LuBitZkC6mS2mpFp92GSBA1ak7Dcu9e6qYgM6IkqSVvMtS-VaIOey_qdPSy7nS-iOczy66jBG7MqnKXPblpOrypuMCYjeZympyWp_Y18GdZ0WD-Quc_cMWMf_hVh7rfkMQKUgGJqG6pu1iiKeZUF6IlGQYFQV547i0jT_DwFt8dKPYJHXBbLuL3PZhtM6PI-0s75oUUb_9Kr59B1VQ3Lhsf6KgL-_Vu-QWRm4yKG8WoyhASVZgBUNFtyrPmeYZUVce4x7nzdwGUHSuCJJvdUXpYjTaIyOJYKKeMTmIW6sFdMVhon3nq3yrpAlvBSyupHT-RRQC1aMFcYQu1G93DcYg-23KDYC4-yfPtP_HkL1i5gJNMgpetyRcH6ECLegCkIe70BPUzGQ9w4GXrDMeZeDmXgIyiRdRdaUFVF-IVG7Z7lKud6ZmNd-tZ5tUk7ea7g&cid=CAASJeRojBbjG4hfFTz1lRUc8Fbhn1ZMkxTS9-HeP0oraATk0xTF-L0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9214c29e074cb15cb796602bc30ea9651f7a4d4bd36914ab5e6c0e58138e01fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33749
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 94E5
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CEKAp_bCrfIZsnWb68Ksibjaj2kOzZHtAnstuNkOIQ7OuvJjhJ2Pv2xpcO9IXRgPFsz9VMHVSSNWA9lnGGRx2WjgpONx3wA5lWqNWDaqPBmzqViL8
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 94E5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:56:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 94E5
137 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 04:31:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 94E5
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:49:40 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9CE4
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 20:36:54 GMT
x-content-type-options
nosniff
age
201299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 20:36:54 GMT
rum
dsum-sec.casalemedia.com/ Frame 0A19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1&C=1
43 B
781 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUauIkB9-rg4sxL5Q4M85S-Kejn-uIPC2DsaxP6iUk41jtx6MdFqm_HQgsiHoMjd_lTwWqMMhat0WXVRfKGjgy7swADfkoq4NxfQRE1IWwthbxyOXbKFcRDJpyB1BxRcOk_JmUdWlXAC9mPElkOnh5unjntETiqQsyq7K6DdsoGfBeLzegnOQ-2ICR6UOiSi6-gm0yW
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 18 Jun 2022 04:31:54 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 18 Jun 2022 04:31:54 GMT
rum
dsum-sec.casalemedia.com/ Frame 0A19
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yq1VOqSDP6mDi-gPxc44VQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1
43 B
781 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUauIkB9-rg4sxL5Q4M85S-Kejn-uIPC2DsaxP6iUk41jtx6MdFqm_HQgsiHoMjd_lTwWqMMhat0WXVRfKGjgy7swADfkoq4NxfQRE1IWwthbxyOXbKFcRDJpyB1BxRcOk_JmUdWlXAC9mPElkOnh5unjntETiqQsyq7K6DdsoGfBeLzegnOQ-2ICR6UOiSi6-gm0yW
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 18 Jun 2022 04:31:54 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0A19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA_93j0F9AMhqDZ51qKFVUA&google_cver=1
43 B
1018 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEA_93j0F9AMhqDZ51qKFVUA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUauIkB9-rg4sxL5Q4M85S-Kejn-uIPC2DsaxP6iUk41jtx6MdFqm_HQgsiHoMjd_lTwWqMMhat0WXVRfKGjgy7swADfkoq4NxfQRE1IWwthbxyOXbKFcRDJpyB1BxRcOk_JmUdWlXAC9mPElkOnh5unjntETiqQsyq7K6DdsoGfBeLzegnOQ-2ICR6UOiSi6-gm0yW
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8ccf126c-55a1-4916-af75-c10c560dde7a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEA_93j0F9AMhqDZ51qKFVUA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0A19
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NDUwODExNTgzNTc2MDE2MQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NDUwODExNTgzNTc2MDE2MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUauIkB9-rg4sxL5Q4M85S-Kejn-uIPC2DsaxP6iUk41jtx6MdFqm_HQgsiHoMjd_lTwWqMMhat0WXVRfKGjgy7swADfkoq4NxfQRE1IWwthbxyOXbKFcRDJpyB1BxRcOk_JmUdWlXAC9mPElkOnh5unjntETiqQsyq7K6DdsoGfBeLzegnOQ-2ICR6UOiSi6-gm0yW
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1ba0aa04-5318-47cf-b13d-72857174ad5f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NDUwODExNTgzNTc2MDE2MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 672C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1&C=1
43 B
781 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1AhjTl9u2ATAB&v=APEucNVp88bvbOdLmvzgNPm59m1zg4kEBolnU2L3Q0PT0oUIyrSLwviOKh2Oh9PxKCnoaZdAIjmUtYb7Ph2jDmIyj9gpIAIXvx-4DekvfpT0jHczleMGJX6CBf2plK8q8o8S8Oa5BMPRCo7irFLtwSOgf2NFItHcdJlr_7OV4lCZ8SOD8fu8vTo
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 18 Jun 2022 04:31:54 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 18 Jun 2022 04:31:54 GMT
rum
dsum-sec.casalemedia.com/ Frame 672C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yq1VOqSDP6mDi-gPxc44VQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1
43 B
781 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1AhjTl9u2ATAB&v=APEucNVp88bvbOdLmvzgNPm59m1zg4kEBolnU2L3Q0PT0oUIyrSLwviOKh2Oh9PxKCnoaZdAIjmUtYb7Ph2jDmIyj9gpIAIXvx-4DekvfpT0jHczleMGJX6CBf2plK8q8o8S8Oa5BMPRCo7irFLtwSOgf2NFItHcdJlr_7OV4lCZ8SOD8fu8vTo
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 18 Jun 2022 04:31:54 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFOfYGZLkX333pAdokvau0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 672C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA_93j0F9AMhqDZ51qKFVUA&google_cver=1
43 B
1018 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEA_93j0F9AMhqDZ51qKFVUA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1AhjTl9u2ATAB&v=APEucNVp88bvbOdLmvzgNPm59m1zg4kEBolnU2L3Q0PT0oUIyrSLwviOKh2Oh9PxKCnoaZdAIjmUtYb7Ph2jDmIyj9gpIAIXvx-4DekvfpT0jHczleMGJX6CBf2plK8q8o8S8Oa5BMPRCo7irFLtwSOgf2NFItHcdJlr_7OV4lCZ8SOD8fu8vTo
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3c4c7d4a-6bbe-46fe-acb8-df788318a176
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEA_93j0F9AMhqDZ51qKFVUA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 672C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NDUwODExNTgzNTc2MDE2MQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NDUwODExNTgzNTc2MDE2MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1AhjTl9u2ATAB&v=APEucNVp88bvbOdLmvzgNPm59m1zg4kEBolnU2L3Q0PT0oUIyrSLwviOKh2Oh9PxKCnoaZdAIjmUtYb7Ph2jDmIyj9gpIAIXvx-4DekvfpT0jHczleMGJX6CBf2plK8q8o8S8Oa5BMPRCo7irFLtwSOgf2NFItHcdJlr_7OV4lCZ8SOD8fu8vTo
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2cae5350-54f2-47d9-8303-efe86013110a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NDUwODExNTgzNTc2MDE2MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2193
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL_M8DkzRyH3JE4uB2AsXIg&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL_M8DkzRyH3JE4uB2AsXIg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNW7S2RQDMBX7ldVqSSt7RwfZkkWgShCy2D2Swtyhs7-7evlSlIWulvQQx39pYbwvLQwq268utabJUVvlzHUcHFj7DF2EmMw9sEeO2DDU1TYH6ZwIvNxItXTCtGrBYO0Bgz2NW3ySTqEA3s-qAsbkxxwp3k2Th8vOeKfRChdmV7cthvdmLA
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL_M8DkzRyH3JE4uB2AsXIg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 2193
43 B
306 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNW7S2RQDMBX7ldVqSSt7RwfZkkWgShCy2D2Swtyhs7-7evlSlIWulvQQx39pYbwvLQwq268utabJUVvlzHUcHFj7DF2EmMw9sEeO2DDU1TYH6ZwIvNxItXTCtGrBYO0Bgz2NW3ySTqEA3s-qAsbkxxwp3k2Th8vOeKfRChdmV7cthvdmLA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 2193
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEJ_tXJmbHsX2GOBp-OOW5tA&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEJ_tXJmbHsX2GOBp-OOW5tA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNW7S2RQDMBX7ldVqSSt7RwfZkkWgShCy2D2Swtyhs7-7evlSlIWulvQQx39pYbwvLQwq268utabJUVvlzHUcHFj7DF2EmMw9sEeO2DDU1TYH6ZwIvNxItXTCtGrBYO0Bgz2NW3ySTqEA3s-qAsbkxxwp3k2Th8vOeKfRChdmV7cthvdmLA
Protocol
H2
Server
104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-106-130.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 18 Jun 2022 04:31:54 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEJ_tXJmbHsX2GOBp-OOW5tA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 2193
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNW7S2RQDMBX7ldVqSSt7RwfZkkWgShCy2D2Swtyhs7-7evlSlIWulvQQx39pYbwvLQwq268utabJUVvlzHUcHFj7DF2EmMw9sEeO2DDU1TYH6ZwIvNxItXTCtGrBYO0Bgz2NW3ySTqEA3s-qAsbkxxwp3k2Th8vOeKfRChdmV7cthvdmLA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-106-130.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 18 Jun 2022 04:31:54 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame EA13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEG_JZCmNW3rUMhyTOtgkCA&google_cver=1
43 B
549 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEG_JZCmNW3rUMhyTOtgkCA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUedgiNRTYKMvURr-IG7WvHcSF39GuI_yceK5FzDqKeZj5BfAvdM9uvlwIitChQIPop5orZNyUFORrGH1ZqxNjd5sMwvZEiNwC-bvwp9YCT5rvfTXx1rfRSrY5jEV4JNYmCU_A6w7UR65GFBQ0PJXIl9Zt7U1ilDb01Put1Y7pq-Dl1XMI
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
144
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEG_JZCmNW3rUMhyTOtgkCA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EA13
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTQ4ZDNjNDYtZWViZi0xMWVjLWFjNmItMTU1ZGE2ZmQwMTA2
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTQ4ZDNjNDYtZWViZi0xMWVjLWFjNmItMTU1ZGE2ZmQwMTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUedgiNRTYKMvURr-IG7WvHcSF39GuI_yceK5FzDqKeZj5BfAvdM9uvlwIitChQIPop5orZNyUFORrGH1ZqxNjd5sMwvZEiNwC-bvwp9YCT5rvfTXx1rfRSrY5jEV4JNYmCU_A6w7UR65GFBQ0PJXIl9Zt7U1ilDb01Put1Y7pq-Dl1XMI
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTQ4ZDNjNDYtZWViZi0xMWVjLWFjNmItMTU1ZGE2ZmQwMTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
12
Connection
keep-alive
Content-Length
0
sync
pixel.advertising.com/ups/55946/ Frame EA13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEDO6808ycltNR9w9YXBwWWs&_origin=1&google_cver=1
0
255 B
Image
General
Full URL
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDO6808ycltNR9w9YXBwWWs&_origin=1&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUedgiNRTYKMvURr-IG7WvHcSF39GuI_yceK5FzDqKeZj5BfAvdM9uvlwIitChQIPop5orZNyUFORrGH1ZqxNjd5sMwvZEiNwC-bvwp9YCT5rvfTXx1rfRSrY5jEV4JNYmCU_A6w7UR65GFBQ0PJXIl9Zt7U1ilDb01Put1Y7pq-Dl1XMI
Protocol
H2
Server
18.193.29.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-29-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.advertising.com/ups/55946/sync?uid=CAESEDO6808ycltNR9w9YXBwWWs&_origin=1&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pixel.advertising.com/ups/55946/ Frame EA13
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
0
255 B
Image
General
Full URL
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNeH9AIQz6ODwQIYhrePywEwAQ&v=APEucNUedgiNRTYKMvURr-IG7WvHcSF39GuI_yceK5FzDqKeZj5BfAvdM9uvlwIitChQIPop5orZNyUFORrGH1ZqxNjd5sMwvZEiNwC-bvwp9YCT5rvfTXx1rfRSrY5jEV4JNYmCU_A6w7UR65GFBQ0PJXIl9Zt7U1ilDb01Put1Y7pq-Dl1XMI
Protocol
H2
Server
18.193.29.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-29-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
date
Sat, 18 Jun 2022 04:31:53 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1A2E
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Origin
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 23:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Jun 2022 23:04:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame 1A2E
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHqp6K43ksDsmRoUgM4TwN47p0kE8ba1IALGA1evOFxy1BR75fi3eeoA8VvC-SYrz4zIC4P-Uscd7L23Nauac9GsXJxt-TrlRib_v6H-G2FLYpqxTIRA0B-r6q8MFLWjwAGkd-2jdqxt3wpLNiU8P5X5m6UA&dbm_d=AKAmf-CBg3EhqpxSp-XSRjNURb2mixHD6E7cANGIxXlzbCcGnTysKn0FOKC2h1a0jCc2wN3N99fEX76_Vte8iDgzrvTMU6Uo0lEff32W5m_3c6katYGApDvrId7UAOubT0VS78ZkHWloQ9tNhDmi3vxNZ88xtfwoheh9RJNLop3rjVDOC2tRdYEr_BKCB8cGcSbuIxV9StQk-cs0jhew4Ehji3_rvMONGYRzoJcs9WbGPKl8cIohPh336KYmReyBCQ12pptpgOpCO6GG8ZfiGPLhSKYvfOny06bZxAw6oWsyO6pcUn2ikJfy7yzZEGkBA5wG9fk7AmH2k9WqmdBFn3gyofR_WAwAuICxRe4Tt1Vo_raW2T33xZf-1HkcVRDGlZCL5SJ2fJUcjsCLOUR_CukffqPFl8KCQqoozxqm3b-Xt_OLbClW6VwLcajODM0whaOC63lM2TaKuSKNS4_Lg0FJSIxgEMp7ScLG6RlgiR8Wr9bp3UTzoKyeqUU_pbqsftnB4WVJIy4hB8wLuOeSz-isuXLtmZamGEjHUaJAYYpDCMptmaJS3brP95T0N0cAdqk_IUnRJ44Ke-wLtUA6e_BDESaB15a7E_c1f9jzX1NArZ3IJwPRTN3V044_87_YLsddUClkAB5zsEWH8VKb2kBGVTz_BXciYGe9RMePxYS5x9hJiBMBY5kghuwfYZvcdHQgAq3vyPHIlX9CH71dWzSXsokNz86TOlEuucocZMCCYksfOYxNZSQzeV_JstSxA3qDVj7kbMZtitAuLTDh76Tb5YyHtVneGBbdQ9deDXE9ughRubJNtI5iFAsTqNf5WrBWVUX-b1i2L_NiBQNiFYIsaUaJwP2cx3bBg5SbiKYf-VqJCUzylENXw5fuQAXA5e81JOon7xU0tG8cOvOsXnLxrGNKW4Ged1CUZ78ZsFs6hhuTUVvSB-UyINs7IwwTPvZx3iBP_i4HCA9jmmmP01jsuQWp_L5UaCPmOM6lEC3mbL7t9h1geEV4KvMhCtxxAdm9UKyBZFtySUa--FXKHaXstd0UMMn_yBDiPi-xCCAGiUKwbbGruK8vRs_3M_qKwAUAUQvURjVIV3Lne9W3_kxXbR-afKtpJPUIb5TR_gCbPq5XViidGdUsdzYsVfS7KvQHHi2-UXD4AAv7zLnop9-i4v_cT11-K_sZ04J0iKiYkNhiaoRDBjLWPTxvhyTGnxc4SOpSf0yprqyQQJKLKSyBdHOVioaGNrJvaQa8WAJWPuiu8pXz-P7_No2LieImAFzN5-cYjZOokas2jec6qEPYGVadSMv23ubCYnloav-8mzB4NgN8VbOYfcq33nTlDBdzTBqhxs6bMk5ys4W5FvwDI0iA3Ijf7vVM4VJ49qmupBLiOjpwWAYeEsbdP4gshZvlpxsda26QczUx7g7O5CtikPC-4Ddc9JHWr6KJ3yVn3j0qa_CI0vbeEkGnoYidn8eFZcQw_GDzcT5zlAJUze5RsAB-Q9Mq18r7yPPRjX2rU3GN5HiZmpq-oYECM-HMoOQTcnPfObl_XXTkkooBgFv0p5qvQPjSQW8zZO5k8zIg3D55Wkizmv8NLBExRKAP4FjTAPDUfZcFdiph-GJmDGIMDne7zUzYHO9AM__ztW2AHpbT7n3Bn5i28JEg-KBxMBWazYJVavrqR5XgX6xPi6B6WlxlANPXTKQtb8oDitnorYLQ4MDz_IdUk3oxsnbTHF6Rn4yWhzfVNNbg3Gz7egAa_SWFzYDEG7vQoNHuETHLaNXMxG3ovZFkTas4UeydTY5DoLhvNMtdv18xIcL7E6lr-fOIHbmBVrGO-wJDqFs5NIFwYnqgF2rczwxm7iI3H_b0UfziUB1jW72uNbyevDfrzgspMwSKHUJXaO4uUox2GpFx8iQxLhXG6ds8raDGyOKaMvlUl3HoO9S_H7GtCl3BByAHwRuNmPwAUIaw-tVczykbWeiUnnCv5DMXOgKMGtgC3jP7pMdWjwqL6ydwurjYSosz71EcaB6Nx_0Uu3bKg0adxpvMlaXrTWUyyBhSHmZALszXRj--bv7VTVGBK9AaWYXvUS4NTuceTc3ugI_QrYx88CCxRz3QNEYX9EaWyXZM7kHda1tAn-2uSXdoYcV5T2dRCdblRJle-73gITjeoaThCG2Aq_zrkWD3MI9LG8mQ6JDwQ_rAf_bL-31kdtSSPGSXbyAa4tVB6v_Ggc2py8Shi9wlLEL_8bEQBn1QlPo7J6ayOiuypCDB5R67ThJitXi2CmlZoc67EgTyirpUD4tU19szYT8fiyipT0i-GksSnkzQ4mdoPuK_l6ewTjHgu0RxwIZzaTk454mB_Nx_9XIvhO6INPxthMSjcIN31E9Yaxt9l5xlKy5bGLqcpyesjWw9VpZMmpgt8_6CYtj4aReC_i2nEOxkOIzr-aoWcYL22rgWZQOIb8eB6Luf_Vw-Nsx6kvuNIRO7TzkTEZ9Ayl3Yco4vKlqjwktGo1ai54OZHa4-Wk2cNX_538AVMP152UNH5tqkwBi6zb_FIhDzlpssXbPzcxnN7gp7XkX30s1-QN-A1d0vLnTpnW4_Yu3KKSv0nLgSzc8GdUTvK1piC0WRi4rduEX4TDsAD8yfdriqNekhsQ5c6NlwsLypDmadZxLrKp6UvGyA93ETmFCKGgY-q1gAFwSfX0rTMXMY9vmF_qfshkhD3nXsmg4qFn6ej3-1D8RGtitVqYCe0wwwxduJ4LKBS521gS2Df6Td1p_5NiPz_QI4IwFsCMcqe3aZpQHn88n7b1wsesnWW3eSmsBP_RbPN0i2dTwd7fmAYTKSA29gEMOfhLSCLsTc_Lyx8xMw-6O1dJ5YBZlsUyEZqzvJgJKUGdJMmjCTZWXiYrZYfD48gylTISd_It8dQMs7vn0691KdeKda9_woS34Lu-stqy6OQtS11q85REGG23622HUjU9v6XrphvEbXyOgqYA92NezWO4e6Y-DlUvREbgx6ygWVQitopnfBKkuidRG3g2T2Xf67CYCuGEP49UNF-mG0Lnz7LE8vSFkf4SjSlLP5XY4DkXNbTC-_XlGhanmVE9z7ZxFhEUUuXpLitgW-AIbpRdN5KdTgDcwSLmv9K5D6z4mkCBRzhIgTsYBvgHmCLDosg6Ng5KfFyasWBbiwgyeQIF8tp7ZG92wyVozRr8HOIsLPRFPpbFQxgiSSuWa0ugL-uAVrHLUvD1TG_eFsAILdP5Z4s6b1Y8r-WtjQm8WCWymXwujMlnAsS69Vtwp0vHN3Y_x9PSkKrQhjpxI7lLnVXVG9O1_IskYHVh-dGl5BShbQWn-maPh4lJAGMhVb9aBjqCjj&cid=CAASJeRou8gvRGQO-DPFkgBA15feRNFRehkhahabgi9Rd4fyMOTWj2w&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:58:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 1A2E
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHqp6K43ksDsmRoUgM4TwN47p0kE8ba1IALGA1evOFxy1BR75fi3eeoA8VvC-SYrz4zIC4P-Uscd7L23Nauac9GsXJxt-TrlRib_v6H-G2FLYpqxTIRA0B-r6q8MFLWjwAGkd-2jdqxt3wpLNiU8P5X5m6UA&dbm_d=AKAmf-CBg3EhqpxSp-XSRjNURb2mixHD6E7cANGIxXlzbCcGnTysKn0FOKC2h1a0jCc2wN3N99fEX76_Vte8iDgzrvTMU6Uo0lEff32W5m_3c6katYGApDvrId7UAOubT0VS78ZkHWloQ9tNhDmi3vxNZ88xtfwoheh9RJNLop3rjVDOC2tRdYEr_BKCB8cGcSbuIxV9StQk-cs0jhew4Ehji3_rvMONGYRzoJcs9WbGPKl8cIohPh336KYmReyBCQ12pptpgOpCO6GG8ZfiGPLhSKYvfOny06bZxAw6oWsyO6pcUn2ikJfy7yzZEGkBA5wG9fk7AmH2k9WqmdBFn3gyofR_WAwAuICxRe4Tt1Vo_raW2T33xZf-1HkcVRDGlZCL5SJ2fJUcjsCLOUR_CukffqPFl8KCQqoozxqm3b-Xt_OLbClW6VwLcajODM0whaOC63lM2TaKuSKNS4_Lg0FJSIxgEMp7ScLG6RlgiR8Wr9bp3UTzoKyeqUU_pbqsftnB4WVJIy4hB8wLuOeSz-isuXLtmZamGEjHUaJAYYpDCMptmaJS3brP95T0N0cAdqk_IUnRJ44Ke-wLtUA6e_BDESaB15a7E_c1f9jzX1NArZ3IJwPRTN3V044_87_YLsddUClkAB5zsEWH8VKb2kBGVTz_BXciYGe9RMePxYS5x9hJiBMBY5kghuwfYZvcdHQgAq3vyPHIlX9CH71dWzSXsokNz86TOlEuucocZMCCYksfOYxNZSQzeV_JstSxA3qDVj7kbMZtitAuLTDh76Tb5YyHtVneGBbdQ9deDXE9ughRubJNtI5iFAsTqNf5WrBWVUX-b1i2L_NiBQNiFYIsaUaJwP2cx3bBg5SbiKYf-VqJCUzylENXw5fuQAXA5e81JOon7xU0tG8cOvOsXnLxrGNKW4Ged1CUZ78ZsFs6hhuTUVvSB-UyINs7IwwTPvZx3iBP_i4HCA9jmmmP01jsuQWp_L5UaCPmOM6lEC3mbL7t9h1geEV4KvMhCtxxAdm9UKyBZFtySUa--FXKHaXstd0UMMn_yBDiPi-xCCAGiUKwbbGruK8vRs_3M_qKwAUAUQvURjVIV3Lne9W3_kxXbR-afKtpJPUIb5TR_gCbPq5XViidGdUsdzYsVfS7KvQHHi2-UXD4AAv7zLnop9-i4v_cT11-K_sZ04J0iKiYkNhiaoRDBjLWPTxvhyTGnxc4SOpSf0yprqyQQJKLKSyBdHOVioaGNrJvaQa8WAJWPuiu8pXz-P7_No2LieImAFzN5-cYjZOokas2jec6qEPYGVadSMv23ubCYnloav-8mzB4NgN8VbOYfcq33nTlDBdzTBqhxs6bMk5ys4W5FvwDI0iA3Ijf7vVM4VJ49qmupBLiOjpwWAYeEsbdP4gshZvlpxsda26QczUx7g7O5CtikPC-4Ddc9JHWr6KJ3yVn3j0qa_CI0vbeEkGnoYidn8eFZcQw_GDzcT5zlAJUze5RsAB-Q9Mq18r7yPPRjX2rU3GN5HiZmpq-oYECM-HMoOQTcnPfObl_XXTkkooBgFv0p5qvQPjSQW8zZO5k8zIg3D55Wkizmv8NLBExRKAP4FjTAPDUfZcFdiph-GJmDGIMDne7zUzYHO9AM__ztW2AHpbT7n3Bn5i28JEg-KBxMBWazYJVavrqR5XgX6xPi6B6WlxlANPXTKQtb8oDitnorYLQ4MDz_IdUk3oxsnbTHF6Rn4yWhzfVNNbg3Gz7egAa_SWFzYDEG7vQoNHuETHLaNXMxG3ovZFkTas4UeydTY5DoLhvNMtdv18xIcL7E6lr-fOIHbmBVrGO-wJDqFs5NIFwYnqgF2rczwxm7iI3H_b0UfziUB1jW72uNbyevDfrzgspMwSKHUJXaO4uUox2GpFx8iQxLhXG6ds8raDGyOKaMvlUl3HoO9S_H7GtCl3BByAHwRuNmPwAUIaw-tVczykbWeiUnnCv5DMXOgKMGtgC3jP7pMdWjwqL6ydwurjYSosz71EcaB6Nx_0Uu3bKg0adxpvMlaXrTWUyyBhSHmZALszXRj--bv7VTVGBK9AaWYXvUS4NTuceTc3ugI_QrYx88CCxRz3QNEYX9EaWyXZM7kHda1tAn-2uSXdoYcV5T2dRCdblRJle-73gITjeoaThCG2Aq_zrkWD3MI9LG8mQ6JDwQ_rAf_bL-31kdtSSPGSXbyAa4tVB6v_Ggc2py8Shi9wlLEL_8bEQBn1QlPo7J6ayOiuypCDB5R67ThJitXi2CmlZoc67EgTyirpUD4tU19szYT8fiyipT0i-GksSnkzQ4mdoPuK_l6ewTjHgu0RxwIZzaTk454mB_Nx_9XIvhO6INPxthMSjcIN31E9Yaxt9l5xlKy5bGLqcpyesjWw9VpZMmpgt8_6CYtj4aReC_i2nEOxkOIzr-aoWcYL22rgWZQOIb8eB6Luf_Vw-Nsx6kvuNIRO7TzkTEZ9Ayl3Yco4vKlqjwktGo1ai54OZHa4-Wk2cNX_538AVMP152UNH5tqkwBi6zb_FIhDzlpssXbPzcxnN7gp7XkX30s1-QN-A1d0vLnTpnW4_Yu3KKSv0nLgSzc8GdUTvK1piC0WRi4rduEX4TDsAD8yfdriqNekhsQ5c6NlwsLypDmadZxLrKp6UvGyA93ETmFCKGgY-q1gAFwSfX0rTMXMY9vmF_qfshkhD3nXsmg4qFn6ej3-1D8RGtitVqYCe0wwwxduJ4LKBS521gS2Df6Td1p_5NiPz_QI4IwFsCMcqe3aZpQHn88n7b1wsesnWW3eSmsBP_RbPN0i2dTwd7fmAYTKSA29gEMOfhLSCLsTc_Lyx8xMw-6O1dJ5YBZlsUyEZqzvJgJKUGdJMmjCTZWXiYrZYfD48gylTISd_It8dQMs7vn0691KdeKda9_woS34Lu-stqy6OQtS11q85REGG23622HUjU9v6XrphvEbXyOgqYA92NezWO4e6Y-DlUvREbgx6ygWVQitopnfBKkuidRG3g2T2Xf67CYCuGEP49UNF-mG0Lnz7LE8vSFkf4SjSlLP5XY4DkXNbTC-_XlGhanmVE9z7ZxFhEUUuXpLitgW-AIbpRdN5KdTgDcwSLmv9K5D6z4mkCBRzhIgTsYBvgHmCLDosg6Ng5KfFyasWBbiwgyeQIF8tp7ZG92wyVozRr8HOIsLPRFPpbFQxgiSSuWa0ugL-uAVrHLUvD1TG_eFsAILdP5Z4s6b1Y8r-WtjQm8WCWymXwujMlnAsS69Vtwp0vHN3Y_x9PSkKrQhjpxI7lLnVXVG9O1_IskYHVh-dGl5BShbQWn-maPh4lJAGMhVb9aBjqCjj&cid=CAASJeRou8gvRGQO-DPFkgBA15feRNFRehkhahabgi9Rd4fyMOTWj2w&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:27:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame FA8C
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvV_FWtRElRv2ASh-DzhqRKu5U6Q6MkXx2vAROSNhHEpy6JTPuzdtBkBztRB3KQyCrqBzgABOc6EJ5h0WZARqsGZR10oH7r0y3oM6-MhDvabZBcjxfuQE3gjV3HTH77MSp0POyoc9RdYyMGwWLq1mFAy33Fg&dbm_d=AKAmf-DuZ70V_zILK5P7rDfu2boP1Qd5LwLopukGxg-1blv3T6jUHtTLGTE5a-Y2R37mfZ_XKcz3Vh5em2mA2Ig4a5ogqOOFFg0n8dCaE1AB5fmkB7aWOq1TnlRyPjdI-XvdIVfEMekvziTxnR1_crybclTLeYdw7mLsmWi761wYKxRdm3nAbJMm120tKumKOYmo9dxTLNGQEiB3jtPr21e6o4rXUt7VHG_O2ea_EpHvqkYYAj7qzTQ6XM5y7tQ3EA1C4eAtDgbdrGxJO2Ihi9Om7_5d-Mg0fCRDmWvh6PAlX-y4g6Kxr5yI0-KnBh2SOiW2g_eYEtkDZK3lAUrGHm9UxpIzOSqtCgSoYbTNVYLMc3kCBg2LnhQLhkOgaHJ8bVhbHmLEvABFqZlF3A5vtZvenKxel9mjZYn4eMmwCWchtReok8q-buc5HueX09wa2BZxGLhCqsUqtoiF7FsNJ6-jeCAPl__x12Rh4DjgetaXOPHYZHN5QTTgOTyC6JD6dbwNjCe3AOkklwB7Ksk5w4dm4TDvM-4DIWWmaIEAO6wv-P7J5XoL2h-DwQ2x0QrXaOUyO_W2keZgwF8vlPrqMngR2Ip32Dx9CAUjX-6SVLIHjleSysWBmXIAMmPiRz6ttszolm7O10mUFuMKoWrMoDSaM36cW0d4nSwEuhIRjH4ZzJ9EPrJVg-mWwgW0P18ztd5_IvawsMjv1sutoClVv8mg3aXdNQLdp_OHA2DV3iET3cRw8aPRfezkbL-lW77T6thaCip7TNiZ0fdkJUvl4CGYG6OF6pk1S8_cD_st-YMisLEZxbrErOOOWO2I-l0rRRqqagXOuuWwsSZ6RZma5CNCbYFm9DoA_DDPqCa_-ZxMu56Pt9_GoHPRkqepbuFH-gt4ZUbplBvIQPqhDa5ILD7WkoF6Qmco_mn9EQUkFWJFS5Zl8u5ndMJT5DpMjGPT0Xyp-h28gN131wbsTlA7j2cxoD7L3DdJ_s2wdLKVV-3fpdJQ8YdOteOEx7WmNR5d6vZIqKGReMXGTfKVEFEEW4cuKkI-K6tltsC9i5q4BkwKWeBJtmhTDJiKl_BnxIbISKfWCjUGGkZorvzvQTWcA73HJyZlu6joyHvEmkobVZ1E66_Wd1h3nxiuIVhUuhFE7Db8k9mnvrgGcBkDDYAQQl46f7X_QFJk2mU74HjKiOL4uIk_6aBUQFtmW3c3nnwtwLnWymwA-HOjTUZ-9R_Xp2KMOBzEK3lKjFYNH3AgrCpveReqQ_p9HfnSbbo0cMVMHLgz69Qv79xMw6j1j2lTwOfdPY7gFgGm5bvrt99QG7DRj9zsr8j8aMxH4dWNdYq0cCXK_cqhj0Jt2K4Jq89eC8XihM3IcVkXsYLXA2seUvsdS2Kxy6CxiVnTXe0elmvkXZ4U6f6v5ayC_Ft4zB8Yet64Ryf2v4W4lwFv3y83tR6P8TGSeE-t07trVaIff3hF1wQ5OFx9-fP-ByfgiiqHKtjiNaWmrvMuSMYzQ9qkGWGFZ_Rzyn0BCBGl-ogzsdRUyapxuC-6YyTPbzwY6yJMSOA-M0dIhUZ4HsYYh6ONijdyc50QcbTtAu4MqNEdstU8ibEcgB5m9bYOLZ85VQMSW7Bru7WwdnTyb4YXPu3FpKjpMYIslYUfvgZIzUm-R25kQckmGTYXLOi28jpwJaR4876_p_erltDWA7YUQgF5wJmF-KIYtNGe0hm_9g7zFE__W-5cXvgD3mA9sbigwRnNA1FSfOQqZSljbCMnFjs8Rv6lwopDh3pG1BNr_N1GENQl01HGkRs4rMCNnTAXDsPZsXCRP7Q8jTm2iCLUL7gAY2trg1chr5STnLhBUCt4iYVr5RMR-py9PNToNnjS0azYQdPe6IzggDlnN1V2CxEoxuyT_-nKU1wQqF1p7WBkGwBbPcLuTf8OMhFNgvstG1YKt9W-xXivK9MLLRtKjaIzcFaBv4bh4cCpVkEjDPdimjPghsy7OKeXLuY-EnWlmo1ZyRHMzvVoYZyoDBnBM24zgmkm5wP8Givb4ZRKhwtkHbNvYDRb4lZZ9xzxO2JaOKfNfFhP947zBsdNQfhlK7MAxzFO-9k7u_DNJ7I3_GeU4eXD-mHflk-8zqF1jPQzOpfpng1DwUJ6VrczzARTIOWO3kLctC2Ey7NXgLrsg1mWPQ0knGRO0JaghD80cwT-2i0IOM7XLFBZS6qSkUO_Surd0MusxnyX3T6SrRlX4pE8Ti9puw2ZPHYI8jbkXYZnz_Qd8j7MG4RInq-z7fvdqJWdpPks9CUypJqn9A9XxQ7OgBQt53PSxZL3_0KuBUvu2olSvKE7CZ_YLqAnRDHQjbXFXfqd8Di8cGVD7_vv1oZ3gipRyHV1xtBw7siUodi0aFYt-9Y4gEqdwTatM-OO0IJsyyvasj0EV6Kc-p4jzVM6xlrtewT7Yf2gFyy1xKKfAiS8yeYPB532susCIeSXyetmI6BC5lCe-t_7MuNkd6_9oC4c4eoYr2hQ0jp7pwUdqxfes1KiARh6ehaRTmgtmT1m4i1TZHMs9QKXrfeslGllPFwqDOGP5hhroj0IdD1fQ_sGAKXFN2NBL12qho3pX1X-e8idq3uNwhtNbTE-ZSLisv_P5_rSHxuEDyMeDPMc7ygtZj2Q4WR-Zbut--AwW_XVjXluiiIQHzAuAnhyg4bbanRtAhP1VyV3AQ2MIgDZF5-i-MgLcuASgd2FN8mDyDH7SeAIlamIZ9hCelStCw88HUiKQ3dhwl-yNPZiqGNnuYtSmtlCVFoHI6o5nZTr-hKd3L5c69UTd4kRn_cHRdDGf8l6wqsOOsNmuNvAmC6p92bn7MsQfHBxmbK8kb-f3_bntqWRfmoVyW3EifWendcTNqBE97SPuG1EZ7hkzOzoIr2MJ-PRxk-ahR2mvkSpz1Rspw230gm4WIUIe_5KXZYhCupSdk7LLVZd44MuSS0cvWxCQIYsOBylElu6vBzUSuCNv7fuCVmufg7bEAutwO_imYuGOZ43LHjhzipME1XUvP5uOxxeTZdswHSjczINUYtVgULoyN2BUxS-yQrJ7UIh8IqgM6yMez2pLLW_SMVoNzDXlGcbKBQ-Oo7okkX9JrvcT3DOEBj5vxcyJ7IyixJZw0qdtWin2BrCmxm-iKiJgIT6otrD8zMoHP70e2SdIZsniIyfm788-Ey3goPX1h2Bdq-yKgzPvzEbEQ6CRKzjc0yFRxcte-X3GpnnsyuSUgHWqTpQ2jostS9O9rG8Yt9uKkbDPordOUTfp9GNFcBnCqlDQB_hBr1SXa0ifrkEsUh6TNITFmeaswHQfL_iFzhk56odDlctzmVdKEzPh5HU6NOCBIUQ738qiJCXUOnvv649zBNQTrYH4K6Gu_RmWMrz-gUh3XwFVRvaYnboxN1DuFMxLQgB9y01Wbi4wcg-2GudgVD2I67Xh4EJ2WHzloU-TqAczA-GpSfVUY-OYUy7f5vsPo_dbbJtiypEyHu73vlsB_jjNBg_tc54HNgr-5mSOJZ5ExBbz2hfRXLW10K3m9TSoNYR3p7HJhwC5h4eKGEpz5axK-tCPTT0cE0&cid=CAASJeRocZoHHWsl-dbNjwgHkdipg12sgGUVa6_8QRpYcbHyjn-1vH0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:27:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame FA8C
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvV_FWtRElRv2ASh-DzhqRKu5U6Q6MkXx2vAROSNhHEpy6JTPuzdtBkBztRB3KQyCrqBzgABOc6EJ5h0WZARqsGZR10oH7r0y3oM6-MhDvabZBcjxfuQE3gjV3HTH77MSp0POyoc9RdYyMGwWLq1mFAy33Fg&dbm_d=AKAmf-DuZ70V_zILK5P7rDfu2boP1Qd5LwLopukGxg-1blv3T6jUHtTLGTE5a-Y2R37mfZ_XKcz3Vh5em2mA2Ig4a5ogqOOFFg0n8dCaE1AB5fmkB7aWOq1TnlRyPjdI-XvdIVfEMekvziTxnR1_crybclTLeYdw7mLsmWi761wYKxRdm3nAbJMm120tKumKOYmo9dxTLNGQEiB3jtPr21e6o4rXUt7VHG_O2ea_EpHvqkYYAj7qzTQ6XM5y7tQ3EA1C4eAtDgbdrGxJO2Ihi9Om7_5d-Mg0fCRDmWvh6PAlX-y4g6Kxr5yI0-KnBh2SOiW2g_eYEtkDZK3lAUrGHm9UxpIzOSqtCgSoYbTNVYLMc3kCBg2LnhQLhkOgaHJ8bVhbHmLEvABFqZlF3A5vtZvenKxel9mjZYn4eMmwCWchtReok8q-buc5HueX09wa2BZxGLhCqsUqtoiF7FsNJ6-jeCAPl__x12Rh4DjgetaXOPHYZHN5QTTgOTyC6JD6dbwNjCe3AOkklwB7Ksk5w4dm4TDvM-4DIWWmaIEAO6wv-P7J5XoL2h-DwQ2x0QrXaOUyO_W2keZgwF8vlPrqMngR2Ip32Dx9CAUjX-6SVLIHjleSysWBmXIAMmPiRz6ttszolm7O10mUFuMKoWrMoDSaM36cW0d4nSwEuhIRjH4ZzJ9EPrJVg-mWwgW0P18ztd5_IvawsMjv1sutoClVv8mg3aXdNQLdp_OHA2DV3iET3cRw8aPRfezkbL-lW77T6thaCip7TNiZ0fdkJUvl4CGYG6OF6pk1S8_cD_st-YMisLEZxbrErOOOWO2I-l0rRRqqagXOuuWwsSZ6RZma5CNCbYFm9DoA_DDPqCa_-ZxMu56Pt9_GoHPRkqepbuFH-gt4ZUbplBvIQPqhDa5ILD7WkoF6Qmco_mn9EQUkFWJFS5Zl8u5ndMJT5DpMjGPT0Xyp-h28gN131wbsTlA7j2cxoD7L3DdJ_s2wdLKVV-3fpdJQ8YdOteOEx7WmNR5d6vZIqKGReMXGTfKVEFEEW4cuKkI-K6tltsC9i5q4BkwKWeBJtmhTDJiKl_BnxIbISKfWCjUGGkZorvzvQTWcA73HJyZlu6joyHvEmkobVZ1E66_Wd1h3nxiuIVhUuhFE7Db8k9mnvrgGcBkDDYAQQl46f7X_QFJk2mU74HjKiOL4uIk_6aBUQFtmW3c3nnwtwLnWymwA-HOjTUZ-9R_Xp2KMOBzEK3lKjFYNH3AgrCpveReqQ_p9HfnSbbo0cMVMHLgz69Qv79xMw6j1j2lTwOfdPY7gFgGm5bvrt99QG7DRj9zsr8j8aMxH4dWNdYq0cCXK_cqhj0Jt2K4Jq89eC8XihM3IcVkXsYLXA2seUvsdS2Kxy6CxiVnTXe0elmvkXZ4U6f6v5ayC_Ft4zB8Yet64Ryf2v4W4lwFv3y83tR6P8TGSeE-t07trVaIff3hF1wQ5OFx9-fP-ByfgiiqHKtjiNaWmrvMuSMYzQ9qkGWGFZ_Rzyn0BCBGl-ogzsdRUyapxuC-6YyTPbzwY6yJMSOA-M0dIhUZ4HsYYh6ONijdyc50QcbTtAu4MqNEdstU8ibEcgB5m9bYOLZ85VQMSW7Bru7WwdnTyb4YXPu3FpKjpMYIslYUfvgZIzUm-R25kQckmGTYXLOi28jpwJaR4876_p_erltDWA7YUQgF5wJmF-KIYtNGe0hm_9g7zFE__W-5cXvgD3mA9sbigwRnNA1FSfOQqZSljbCMnFjs8Rv6lwopDh3pG1BNr_N1GENQl01HGkRs4rMCNnTAXDsPZsXCRP7Q8jTm2iCLUL7gAY2trg1chr5STnLhBUCt4iYVr5RMR-py9PNToNnjS0azYQdPe6IzggDlnN1V2CxEoxuyT_-nKU1wQqF1p7WBkGwBbPcLuTf8OMhFNgvstG1YKt9W-xXivK9MLLRtKjaIzcFaBv4bh4cCpVkEjDPdimjPghsy7OKeXLuY-EnWlmo1ZyRHMzvVoYZyoDBnBM24zgmkm5wP8Givb4ZRKhwtkHbNvYDRb4lZZ9xzxO2JaOKfNfFhP947zBsdNQfhlK7MAxzFO-9k7u_DNJ7I3_GeU4eXD-mHflk-8zqF1jPQzOpfpng1DwUJ6VrczzARTIOWO3kLctC2Ey7NXgLrsg1mWPQ0knGRO0JaghD80cwT-2i0IOM7XLFBZS6qSkUO_Surd0MusxnyX3T6SrRlX4pE8Ti9puw2ZPHYI8jbkXYZnz_Qd8j7MG4RInq-z7fvdqJWdpPks9CUypJqn9A9XxQ7OgBQt53PSxZL3_0KuBUvu2olSvKE7CZ_YLqAnRDHQjbXFXfqd8Di8cGVD7_vv1oZ3gipRyHV1xtBw7siUodi0aFYt-9Y4gEqdwTatM-OO0IJsyyvasj0EV6Kc-p4jzVM6xlrtewT7Yf2gFyy1xKKfAiS8yeYPB532susCIeSXyetmI6BC5lCe-t_7MuNkd6_9oC4c4eoYr2hQ0jp7pwUdqxfes1KiARh6ehaRTmgtmT1m4i1TZHMs9QKXrfeslGllPFwqDOGP5hhroj0IdD1fQ_sGAKXFN2NBL12qho3pX1X-e8idq3uNwhtNbTE-ZSLisv_P5_rSHxuEDyMeDPMc7ygtZj2Q4WR-Zbut--AwW_XVjXluiiIQHzAuAnhyg4bbanRtAhP1VyV3AQ2MIgDZF5-i-MgLcuASgd2FN8mDyDH7SeAIlamIZ9hCelStCw88HUiKQ3dhwl-yNPZiqGNnuYtSmtlCVFoHI6o5nZTr-hKd3L5c69UTd4kRn_cHRdDGf8l6wqsOOsNmuNvAmC6p92bn7MsQfHBxmbK8kb-f3_bntqWRfmoVyW3EifWendcTNqBE97SPuG1EZ7hkzOzoIr2MJ-PRxk-ahR2mvkSpz1Rspw230gm4WIUIe_5KXZYhCupSdk7LLVZd44MuSS0cvWxCQIYsOBylElu6vBzUSuCNv7fuCVmufg7bEAutwO_imYuGOZ43LHjhzipME1XUvP5uOxxeTZdswHSjczINUYtVgULoyN2BUxS-yQrJ7UIh8IqgM6yMez2pLLW_SMVoNzDXlGcbKBQ-Oo7okkX9JrvcT3DOEBj5vxcyJ7IyixJZw0qdtWin2BrCmxm-iKiJgIT6otrD8zMoHP70e2SdIZsniIyfm788-Ey3goPX1h2Bdq-yKgzPvzEbEQ6CRKzjc0yFRxcte-X3GpnnsyuSUgHWqTpQ2jostS9O9rG8Yt9uKkbDPordOUTfp9GNFcBnCqlDQB_hBr1SXa0ifrkEsUh6TNITFmeaswHQfL_iFzhk56odDlctzmVdKEzPh5HU6NOCBIUQ738qiJCXUOnvv649zBNQTrYH4K6Gu_RmWMrz-gUh3XwFVRvaYnboxN1DuFMxLQgB9y01Wbi4wcg-2GudgVD2I67Xh4EJ2WHzloU-TqAczA-GpSfVUY-OYUy7f5vsPo_dbbJtiypEyHu73vlsB_jjNBg_tc54HNgr-5mSOJZ5ExBbz2hfRXLW10K3m9TSoNYR3p7HJhwC5h4eKGEpz5axK-tCPTT0cE0&cid=CAASJeRocZoHHWsl-dbNjwgHkdipg12sgGUVa6_8QRpYcbHyjn-1vH0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:58:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FA8C
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4IOWVRcEelx7D2HIlKx92DW8vOgqTmkjfUtP-3RSQYOxJYnCLs1Zef3bTCX25Px0ny3u-Ua_B9yR88zZkGJABTjF4M9NRJMWWiph00hgSz88rsyyVPl09ffHYk2uX1rbKK_cJDsV73jmBSU9i7gLKyLDSiGiX5jUuFuNYkq7W3yKCmCuOskPA5fT3t9Lowurh2yiGV_H21wuNu5DU_Q_6N4D7om6eOHonWVAtyRHB3o-cr-A7e_snQjjqrxDWeMQ_c9-h_KpRN10dwUqsQevxUbHzKF04PBsLl79DrA7OYTXOAb1CmdIxiaB8fKNUw3IatNN7-4yei_l2rcX3Wy_RTI64doeJNES9iytRx6i8w13OBntYGXim-7p_v8_fJ7Q7e9sflzXdSKAtgHrNJ-TNAFefc8VdywxwMN54R_3EHEZlx51MNFLD00Y473r3dKh7Jh60_CKe9zoyhlyUjEFFt04A6ZLj-dlIa-V_0bNNR6zcq4zF9jh0eQmyOTaZjyoPYA_c3GMWbZxQVy-_7FCfNO9e0uoA0GkM5ykAWb7bUeGpdTK6NyMSrOOW5oHsZTRA1roi34NAWIG_XyAG1aZezH7A8AovceW1RtHp6S0-aDzBQRvi0a7g__6PXEIRFa9-_VbAXtPZMzRDeBxGp2Y4Y4w0n1wdQ7SuLX2Q_RLopI7aS3D16XsyFLZJqWeifGpL9iruno0qjwEU2eiE9a74vlDEoikag-zczDkYIqMmXJmKyHfm8Ji98lYfKltaWy_eokv8yAVY_CMezRU7sZYCu0MpQOvNUutSacuAsZtvLRv7OiC2rxYloSIKohDvFyFEjorbvzYUy2cDFKIgwgyc9GB-7isadfwauonN4fJ0UzkTTcZzkRbcwm0XzTNl4sQg5xaYSuj_JuUInoFSLGNEMTilVkKjhlkoEb14m-djfKrH-8kEDXxzvR6oKaKSrOOAMaYRNFKprUtToqJL0sYgwC-8qIA2e-AYSLViOTxopvD-K3CYU4o9LaSuMeDMaoUpa6SO_EbCvI8bZ-8EN2teCQbfPoP7KtgmcjDYJU_h5FpaW8LYmn_uJgXaXAhHTwDaB3Is5r-rFauT7Dzv0fi2x-fI2Bf0DHM5-0D6qD4ToTfyt6JBU_oi0LNVRBZulVXx5DyYrefiFT9zAA4ZdoYIVcUpZ6i6BnyLHe8oaNxqhJAtuPd8FHiE6qV5nOqYHFCGFkrrnGYSJHHmgCUovcRU2ivlM94RBS7UrT2FSIoRjvzhZnrtARPHHvQ8u10tjZKYIWNY5d1V3AgtavpP68IL0YI4YWPIy5zruruud1unkjUFDvt9dTXGWspz6AA7gpNnkSyBNzYyvKC28_FSoXU41Ex9zwAv3Kn0OoKRddLKGeypfBQgBQCmAKmpeh35f-Qww2XcxIPgORLtnQ&sai=AMfl-YSmLOJhJaOvymoZ6iRJC8SjnKZSKEnuJ-VOxz3Lpk5EjkYAGb_xidmi8_xpIEiaykGfSCmKz0yyYf-_czmd3bNkZk80e-P31bnux-dOe-n--QQcIrhBRp84hSfLY9ycJ19uYksadZ8vX7383IWny-BKpkkwKiH-EbM6k5YdOGlD30VPjYSRZH9F6eC0clG0oxxi2t95d6gGG9COJwPpLPqQ&sig=Cg0ArKJSzH-MBXyyAN4LEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220615.02148&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvV_FWtRElRv2ASh-DzhqRKu5U6Q6MkXx2vAROSNhHEpy6JTPuzdtBkBztRB3KQyCrqBzgABOc6EJ5h0WZARqsGZR10oH7r0y3oM6-MhDvabZBcjxfuQE3gjV3HTH77MSp0POyoc9RdYyMGwWLq1mFAy33Fg&dbm_d=AKAmf-DuZ70V_zILK5P7rDfu2boP1Qd5LwLopukGxg-1blv3T6jUHtTLGTE5a-Y2R37mfZ_XKcz3Vh5em2mA2Ig4a5ogqOOFFg0n8dCaE1AB5fmkB7aWOq1TnlRyPjdI-XvdIVfEMekvziTxnR1_crybclTLeYdw7mLsmWi761wYKxRdm3nAbJMm120tKumKOYmo9dxTLNGQEiB3jtPr21e6o4rXUt7VHG_O2ea_EpHvqkYYAj7qzTQ6XM5y7tQ3EA1C4eAtDgbdrGxJO2Ihi9Om7_5d-Mg0fCRDmWvh6PAlX-y4g6Kxr5yI0-KnBh2SOiW2g_eYEtkDZK3lAUrGHm9UxpIzOSqtCgSoYbTNVYLMc3kCBg2LnhQLhkOgaHJ8bVhbHmLEvABFqZlF3A5vtZvenKxel9mjZYn4eMmwCWchtReok8q-buc5HueX09wa2BZxGLhCqsUqtoiF7FsNJ6-jeCAPl__x12Rh4DjgetaXOPHYZHN5QTTgOTyC6JD6dbwNjCe3AOkklwB7Ksk5w4dm4TDvM-4DIWWmaIEAO6wv-P7J5XoL2h-DwQ2x0QrXaOUyO_W2keZgwF8vlPrqMngR2Ip32Dx9CAUjX-6SVLIHjleSysWBmXIAMmPiRz6ttszolm7O10mUFuMKoWrMoDSaM36cW0d4nSwEuhIRjH4ZzJ9EPrJVg-mWwgW0P18ztd5_IvawsMjv1sutoClVv8mg3aXdNQLdp_OHA2DV3iET3cRw8aPRfezkbL-lW77T6thaCip7TNiZ0fdkJUvl4CGYG6OF6pk1S8_cD_st-YMisLEZxbrErOOOWO2I-l0rRRqqagXOuuWwsSZ6RZma5CNCbYFm9DoA_DDPqCa_-ZxMu56Pt9_GoHPRkqepbuFH-gt4ZUbplBvIQPqhDa5ILD7WkoF6Qmco_mn9EQUkFWJFS5Zl8u5ndMJT5DpMjGPT0Xyp-h28gN131wbsTlA7j2cxoD7L3DdJ_s2wdLKVV-3fpdJQ8YdOteOEx7WmNR5d6vZIqKGReMXGTfKVEFEEW4cuKkI-K6tltsC9i5q4BkwKWeBJtmhTDJiKl_BnxIbISKfWCjUGGkZorvzvQTWcA73HJyZlu6joyHvEmkobVZ1E66_Wd1h3nxiuIVhUuhFE7Db8k9mnvrgGcBkDDYAQQl46f7X_QFJk2mU74HjKiOL4uIk_6aBUQFtmW3c3nnwtwLnWymwA-HOjTUZ-9R_Xp2KMOBzEK3lKjFYNH3AgrCpveReqQ_p9HfnSbbo0cMVMHLgz69Qv79xMw6j1j2lTwOfdPY7gFgGm5bvrt99QG7DRj9zsr8j8aMxH4dWNdYq0cCXK_cqhj0Jt2K4Jq89eC8XihM3IcVkXsYLXA2seUvsdS2Kxy6CxiVnTXe0elmvkXZ4U6f6v5ayC_Ft4zB8Yet64Ryf2v4W4lwFv3y83tR6P8TGSeE-t07trVaIff3hF1wQ5OFx9-fP-ByfgiiqHKtjiNaWmrvMuSMYzQ9qkGWGFZ_Rzyn0BCBGl-ogzsdRUyapxuC-6YyTPbzwY6yJMSOA-M0dIhUZ4HsYYh6ONijdyc50QcbTtAu4MqNEdstU8ibEcgB5m9bYOLZ85VQMSW7Bru7WwdnTyb4YXPu3FpKjpMYIslYUfvgZIzUm-R25kQckmGTYXLOi28jpwJaR4876_p_erltDWA7YUQgF5wJmF-KIYtNGe0hm_9g7zFE__W-5cXvgD3mA9sbigwRnNA1FSfOQqZSljbCMnFjs8Rv6lwopDh3pG1BNr_N1GENQl01HGkRs4rMCNnTAXDsPZsXCRP7Q8jTm2iCLUL7gAY2trg1chr5STnLhBUCt4iYVr5RMR-py9PNToNnjS0azYQdPe6IzggDlnN1V2CxEoxuyT_-nKU1wQqF1p7WBkGwBbPcLuTf8OMhFNgvstG1YKt9W-xXivK9MLLRtKjaIzcFaBv4bh4cCpVkEjDPdimjPghsy7OKeXLuY-EnWlmo1ZyRHMzvVoYZyoDBnBM24zgmkm5wP8Givb4ZRKhwtkHbNvYDRb4lZZ9xzxO2JaOKfNfFhP947zBsdNQfhlK7MAxzFO-9k7u_DNJ7I3_GeU4eXD-mHflk-8zqF1jPQzOpfpng1DwUJ6VrczzARTIOWO3kLctC2Ey7NXgLrsg1mWPQ0knGRO0JaghD80cwT-2i0IOM7XLFBZS6qSkUO_Surd0MusxnyX3T6SrRlX4pE8Ti9puw2ZPHYI8jbkXYZnz_Qd8j7MG4RInq-z7fvdqJWdpPks9CUypJqn9A9XxQ7OgBQt53PSxZL3_0KuBUvu2olSvKE7CZ_YLqAnRDHQjbXFXfqd8Di8cGVD7_vv1oZ3gipRyHV1xtBw7siUodi0aFYt-9Y4gEqdwTatM-OO0IJsyyvasj0EV6Kc-p4jzVM6xlrtewT7Yf2gFyy1xKKfAiS8yeYPB532susCIeSXyetmI6BC5lCe-t_7MuNkd6_9oC4c4eoYr2hQ0jp7pwUdqxfes1KiARh6ehaRTmgtmT1m4i1TZHMs9QKXrfeslGllPFwqDOGP5hhroj0IdD1fQ_sGAKXFN2NBL12qho3pX1X-e8idq3uNwhtNbTE-ZSLisv_P5_rSHxuEDyMeDPMc7ygtZj2Q4WR-Zbut--AwW_XVjXluiiIQHzAuAnhyg4bbanRtAhP1VyV3AQ2MIgDZF5-i-MgLcuASgd2FN8mDyDH7SeAIlamIZ9hCelStCw88HUiKQ3dhwl-yNPZiqGNnuYtSmtlCVFoHI6o5nZTr-hKd3L5c69UTd4kRn_cHRdDGf8l6wqsOOsNmuNvAmC6p92bn7MsQfHBxmbK8kb-f3_bntqWRfmoVyW3EifWendcTNqBE97SPuG1EZ7hkzOzoIr2MJ-PRxk-ahR2mvkSpz1Rspw230gm4WIUIe_5KXZYhCupSdk7LLVZd44MuSS0cvWxCQIYsOBylElu6vBzUSuCNv7fuCVmufg7bEAutwO_imYuGOZ43LHjhzipME1XUvP5uOxxeTZdswHSjczINUYtVgULoyN2BUxS-yQrJ7UIh8IqgM6yMez2pLLW_SMVoNzDXlGcbKBQ-Oo7okkX9JrvcT3DOEBj5vxcyJ7IyixJZw0qdtWin2BrCmxm-iKiJgIT6otrD8zMoHP70e2SdIZsniIyfm788-Ey3goPX1h2Bdq-yKgzPvzEbEQ6CRKzjc0yFRxcte-X3GpnnsyuSUgHWqTpQ2jostS9O9rG8Yt9uKkbDPordOUTfp9GNFcBnCqlDQB_hBr1SXa0ifrkEsUh6TNITFmeaswHQfL_iFzhk56odDlctzmVdKEzPh5HU6NOCBIUQ738qiJCXUOnvv649zBNQTrYH4K6Gu_RmWMrz-gUh3XwFVRvaYnboxN1DuFMxLQgB9y01Wbi4wcg-2GudgVD2I67Xh4EJ2WHzloU-TqAczA-GpSfVUY-OYUy7f5vsPo_dbbJtiypEyHu73vlsB_jjNBg_tc54HNgr-5mSOJZ5ExBbz2hfRXLW10K3m9TSoNYR3p7HJhwC5h4eKGEpz5axK-tCPTT0cE0&cid=CAASJeRocZoHHWsl-dbNjwgHkdipg12sgGUVa6_8QRpYcbHyjn-1vH0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 18 Jun 2022 04:31:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FA8C
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvV_FWtRElRv2ASh-DzhqRKu5U6Q6MkXx2vAROSNhHEpy6JTPuzdtBkBztRB3KQyCrqBzgABOc6EJ5h0WZARqsGZR10oH7r0y3oM6-MhDvabZBcjxfuQE3gjV3HTH77MSp0POyoc9RdYyMGwWLq1mFAy33Fg&dbm_d=AKAmf-DuZ70V_zILK5P7rDfu2boP1Qd5LwLopukGxg-1blv3T6jUHtTLGTE5a-Y2R37mfZ_XKcz3Vh5em2mA2Ig4a5ogqOOFFg0n8dCaE1AB5fmkB7aWOq1TnlRyPjdI-XvdIVfEMekvziTxnR1_crybclTLeYdw7mLsmWi761wYKxRdm3nAbJMm120tKumKOYmo9dxTLNGQEiB3jtPr21e6o4rXUt7VHG_O2ea_EpHvqkYYAj7qzTQ6XM5y7tQ3EA1C4eAtDgbdrGxJO2Ihi9Om7_5d-Mg0fCRDmWvh6PAlX-y4g6Kxr5yI0-KnBh2SOiW2g_eYEtkDZK3lAUrGHm9UxpIzOSqtCgSoYbTNVYLMc3kCBg2LnhQLhkOgaHJ8bVhbHmLEvABFqZlF3A5vtZvenKxel9mjZYn4eMmwCWchtReok8q-buc5HueX09wa2BZxGLhCqsUqtoiF7FsNJ6-jeCAPl__x12Rh4DjgetaXOPHYZHN5QTTgOTyC6JD6dbwNjCe3AOkklwB7Ksk5w4dm4TDvM-4DIWWmaIEAO6wv-P7J5XoL2h-DwQ2x0QrXaOUyO_W2keZgwF8vlPrqMngR2Ip32Dx9CAUjX-6SVLIHjleSysWBmXIAMmPiRz6ttszolm7O10mUFuMKoWrMoDSaM36cW0d4nSwEuhIRjH4ZzJ9EPrJVg-mWwgW0P18ztd5_IvawsMjv1sutoClVv8mg3aXdNQLdp_OHA2DV3iET3cRw8aPRfezkbL-lW77T6thaCip7TNiZ0fdkJUvl4CGYG6OF6pk1S8_cD_st-YMisLEZxbrErOOOWO2I-l0rRRqqagXOuuWwsSZ6RZma5CNCbYFm9DoA_DDPqCa_-ZxMu56Pt9_GoHPRkqepbuFH-gt4ZUbplBvIQPqhDa5ILD7WkoF6Qmco_mn9EQUkFWJFS5Zl8u5ndMJT5DpMjGPT0Xyp-h28gN131wbsTlA7j2cxoD7L3DdJ_s2wdLKVV-3fpdJQ8YdOteOEx7WmNR5d6vZIqKGReMXGTfKVEFEEW4cuKkI-K6tltsC9i5q4BkwKWeBJtmhTDJiKl_BnxIbISKfWCjUGGkZorvzvQTWcA73HJyZlu6joyHvEmkobVZ1E66_Wd1h3nxiuIVhUuhFE7Db8k9mnvrgGcBkDDYAQQl46f7X_QFJk2mU74HjKiOL4uIk_6aBUQFtmW3c3nnwtwLnWymwA-HOjTUZ-9R_Xp2KMOBzEK3lKjFYNH3AgrCpveReqQ_p9HfnSbbo0cMVMHLgz69Qv79xMw6j1j2lTwOfdPY7gFgGm5bvrt99QG7DRj9zsr8j8aMxH4dWNdYq0cCXK_cqhj0Jt2K4Jq89eC8XihM3IcVkXsYLXA2seUvsdS2Kxy6CxiVnTXe0elmvkXZ4U6f6v5ayC_Ft4zB8Yet64Ryf2v4W4lwFv3y83tR6P8TGSeE-t07trVaIff3hF1wQ5OFx9-fP-ByfgiiqHKtjiNaWmrvMuSMYzQ9qkGWGFZ_Rzyn0BCBGl-ogzsdRUyapxuC-6YyTPbzwY6yJMSOA-M0dIhUZ4HsYYh6ONijdyc50QcbTtAu4MqNEdstU8ibEcgB5m9bYOLZ85VQMSW7Bru7WwdnTyb4YXPu3FpKjpMYIslYUfvgZIzUm-R25kQckmGTYXLOi28jpwJaR4876_p_erltDWA7YUQgF5wJmF-KIYtNGe0hm_9g7zFE__W-5cXvgD3mA9sbigwRnNA1FSfOQqZSljbCMnFjs8Rv6lwopDh3pG1BNr_N1GENQl01HGkRs4rMCNnTAXDsPZsXCRP7Q8jTm2iCLUL7gAY2trg1chr5STnLhBUCt4iYVr5RMR-py9PNToNnjS0azYQdPe6IzggDlnN1V2CxEoxuyT_-nKU1wQqF1p7WBkGwBbPcLuTf8OMhFNgvstG1YKt9W-xXivK9MLLRtKjaIzcFaBv4bh4cCpVkEjDPdimjPghsy7OKeXLuY-EnWlmo1ZyRHMzvVoYZyoDBnBM24zgmkm5wP8Givb4ZRKhwtkHbNvYDRb4lZZ9xzxO2JaOKfNfFhP947zBsdNQfhlK7MAxzFO-9k7u_DNJ7I3_GeU4eXD-mHflk-8zqF1jPQzOpfpng1DwUJ6VrczzARTIOWO3kLctC2Ey7NXgLrsg1mWPQ0knGRO0JaghD80cwT-2i0IOM7XLFBZS6qSkUO_Surd0MusxnyX3T6SrRlX4pE8Ti9puw2ZPHYI8jbkXYZnz_Qd8j7MG4RInq-z7fvdqJWdpPks9CUypJqn9A9XxQ7OgBQt53PSxZL3_0KuBUvu2olSvKE7CZ_YLqAnRDHQjbXFXfqd8Di8cGVD7_vv1oZ3gipRyHV1xtBw7siUodi0aFYt-9Y4gEqdwTatM-OO0IJsyyvasj0EV6Kc-p4jzVM6xlrtewT7Yf2gFyy1xKKfAiS8yeYPB532susCIeSXyetmI6BC5lCe-t_7MuNkd6_9oC4c4eoYr2hQ0jp7pwUdqxfes1KiARh6ehaRTmgtmT1m4i1TZHMs9QKXrfeslGllPFwqDOGP5hhroj0IdD1fQ_sGAKXFN2NBL12qho3pX1X-e8idq3uNwhtNbTE-ZSLisv_P5_rSHxuEDyMeDPMc7ygtZj2Q4WR-Zbut--AwW_XVjXluiiIQHzAuAnhyg4bbanRtAhP1VyV3AQ2MIgDZF5-i-MgLcuASgd2FN8mDyDH7SeAIlamIZ9hCelStCw88HUiKQ3dhwl-yNPZiqGNnuYtSmtlCVFoHI6o5nZTr-hKd3L5c69UTd4kRn_cHRdDGf8l6wqsOOsNmuNvAmC6p92bn7MsQfHBxmbK8kb-f3_bntqWRfmoVyW3EifWendcTNqBE97SPuG1EZ7hkzOzoIr2MJ-PRxk-ahR2mvkSpz1Rspw230gm4WIUIe_5KXZYhCupSdk7LLVZd44MuSS0cvWxCQIYsOBylElu6vBzUSuCNv7fuCVmufg7bEAutwO_imYuGOZ43LHjhzipME1XUvP5uOxxeTZdswHSjczINUYtVgULoyN2BUxS-yQrJ7UIh8IqgM6yMez2pLLW_SMVoNzDXlGcbKBQ-Oo7okkX9JrvcT3DOEBj5vxcyJ7IyixJZw0qdtWin2BrCmxm-iKiJgIT6otrD8zMoHP70e2SdIZsniIyfm788-Ey3goPX1h2Bdq-yKgzPvzEbEQ6CRKzjc0yFRxcte-X3GpnnsyuSUgHWqTpQ2jostS9O9rG8Yt9uKkbDPordOUTfp9GNFcBnCqlDQB_hBr1SXa0ifrkEsUh6TNITFmeaswHQfL_iFzhk56odDlctzmVdKEzPh5HU6NOCBIUQ738qiJCXUOnvv649zBNQTrYH4K6Gu_RmWMrz-gUh3XwFVRvaYnboxN1DuFMxLQgB9y01Wbi4wcg-2GudgVD2I67Xh4EJ2WHzloU-TqAczA-GpSfVUY-OYUy7f5vsPo_dbbJtiypEyHu73vlsB_jjNBg_tc54HNgr-5mSOJZ5ExBbz2hfRXLW10K3m9TSoNYR3p7HJhwC5h4eKGEpz5axK-tCPTT0cE0&cid=CAASJeRocZoHHWsl-dbNjwgHkdipg12sgGUVa6_8QRpYcbHyjn-1vH0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 13:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 13:31:50 GMT
18024723863974913086
s0.2mdn.net/simgad/ Frame FA8C
15 KB
15 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/18024723863974913086
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ac85d03065782dc4f3a7e93bfbbe18c3f70bb1508d0f432e0525173b156d6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 14:31:29 GMT
x-content-type-options
nosniff
age
50424
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14966
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 21:56:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 14:31:29 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 94E5
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Origin
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 23:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Jun 2022 23:04:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame 94E5
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCIURpoq34J5qZ5Wyai8o-IBR3D6FF4B9euFnE9UjHXcbSt7seFkqFDWLgTfe_rR4RMct-3ExiXWP9ofoyCS0ikfnorGFDGV1qz7ZNE0EYY4Ez1Q2cR3Yr97pqCI8udREX8_fs3NnI8ydCFe9l8oaawegP5Q&dbm_d=AKAmf-DzgO2ptKsWk267rMnxRFYdYW9HXbTSq27BzL7d1ljzWnCI299BXgatUZWVNueTLwZ_QBNK4QS0Kfm8hsTgFpwzcGL7waD3UqRBsmMRJ3RRGVuwR2QGQmPhVKreY2pF11mnUJZM7Mig1828QLVc6x4ZkZcRDd5PZwk0MIE9c52V1aXa2XrS7WGV9rpgSDFdKHWa4MtLNfyQv-inZJu86WYzFFV3xlBWdIng4NNg8UroFQkoWFPuxdDgaqmL0uNhj1FmJB2NcDxP4TTpZLnITOM83UEjOUpYneKFvcPACIQdqInBVxTN1ufXZL6zv56vfNEqQM3M9_-Bopguh4_HWOsBew1mBESnT4dL9EZ6DSaJT5CTa-ObAOwGCHBV81MXZivlbPo76718W1WuD4uxrN7nV-nT0nAJhh2iRj8YWqwW5F0TrH8WmEZvPbjkCC5M2Jc7iqKVivi2JIS9zG_4rj0RYgiH3D7JQ3L4SxNAI5s1Ci8OlUJdieI9O6ANABfUuWWfrPIe7dSHuYjNXlyqgH5HgPSjSkEsB03Fh-aB8lt1ca9P8n7L8wNUqkgAp8L7CS-C6UgrUIYja2CMy99AV8JdoQyRZcNZSyAQ6ZrTPGimbRKyVtnZ23YUuvFqhKOLiqm5RNf_2JbRIRdyypQHR1AiBD4ajpLLVdPdMi0Xc8DkbVq9pks8-7RM1FsluMYPjp26M5ugxN1O8395HMZsAFo2ialUJHoEvZH849xEQcoNgE0CEveQSMcxVh-EjOYE6Lwr0kG4--zygHszqaGKVTCI1z8b7zlI_cvMlaJE__N6Shoj0Ie3Bm1gjA__xEarkycvvskDWNy-Q97LknRssh9ylMc7EWugN3TIpqVPrPChw4xCgA-qoybpGqtqb-E6tP5zWez9GSzcJYeZfHtJofZSeQcekbq5n-o9U3Jf7UJ-ttSd55P488UXZc2PFwk3iO1Q3kHOf4sPRjT4iMF25jSNlYq-BSp4tk_rAZgmFyPvZUFMzrlk2juvIV8g8-O8rLcYfnHpsnYVueGioeK3YvdPKoBWp2rpIi_tJInfQaYEjDB98F0amFmenm8MLYAc0McysRwjjncTitWLzF2zhRkhVxSV-wqcRPeD5YVaaTf86QWwANw4dMijget-pM0rQAOAOM5Aa_hfLhkX5RFEMUZ9RNK4AXaod0oQPfVxtZUuHux8-0oBsW_zF3yJwUy1X7AM-lSXf77zm8wtRy2YpZ8BTtTesN_FJr8sT958JE6nK96w0AFErB59ut8u70xegu9hqoxHBsY3CWDMKGNzH23gRxmshl0vZUvgGoRiTdWzmXsSBfAq_OOFpH3AI8GYQ_14UUm-tkQXHPOgWnm39Iumwl2k3IJIsnytn6t5pVEg0n58DjUz-uVjw3X99HsiH7hp00YxYG18RXjlrTu-jDh4F9aECXoYNk4S2_P37tO1jDi7-cV6h2ITq2rXHoGvkDvlF5D1kksKMcT5A8ebieA9mT6EPK6BcvgNTt8nxr7oy829LMWUbphPaKPzoOab12CJAaW15FDZHbC1mWFzeFE0LkH1eV2K0mJ6XU0DgvoTcnIqdcbtqQuw9hqbs6Tl4v4GO1Ia1LYxmzPhFb4Xh3CR4QZ6EJNDQHlpA9LqgJ0Y6egIOugbXGZGkdHfG0T2tajxDVWlyM-91Na2EOJQ0Z7E33bDiAdqRpoqzHg0mVpDZ0IbZGOclXUAVFs9eNXgNLd9apqhvOZcpmFtnW2xj25KAcQTk4jVMU3kSaLBUi577Nqsc2JTOrpchinPLep6qG4exMfDtwyDtMusB7iC82cKY9PRKXz3TUUMcbfvaeZ6bwTj8YhfLWWirnRfZSyr2ed5b5nOc8D7av_7Mv6cKRW-oaZsvi9dBSPzFkWNO0cag0G4s1nZodJyqcjifS8qqZO5U1rlFUkTGawl7cyqxTsTQVtgQfgzwbfZHCqL5hcHQvVGgd0oXRl9RPLZbJWuBqUsBKv0DriTKHsRGvQYQ5EMpkuiqcyR90hmXZ9QZZGk_XXTTk6cScXdAP0gcPEEOmf4PeX02dHs1-gtfrHx-fMpGV5DJVOCKiWuCnZihpCSDCzBZcHCmmU8XFpia0KwOUlw0BjPiTqHwBhAZUqRCRNLbPQxY_NOQapKlIa5KvXWN3JHgW5mOjo1wlcwIB6mAvlLuT-KiofLTr9g_MhZ2_sgBTe3Lav6hNVznSv5ixRKHjKwJdDK0L142U4xozuJaHWSyOw2JvYxChT7wBYOEdAQE0G1T-d00MCwbiu9DQbV_f5omBmkR3ki9bzbElDnMuxZPVZpAEJoQxxS--hHUNiLnHZ3trveGcQ5XUl3KYvhui3ivlS65GyeBWkcrhtySxIP8G_5p8XKK8cxwb3SKUmxqpT6Zt_MAyES_XBlznbpA8sx7M0j_G9qcKxGqKbjXnvo_uqEhiH-V38xDI5sQjlOyibNsn2ggIxQCq9n0B7eLrf0grQ2J4qYHzUmqCTICTyZch0G7wVo3JR-tAmjka0S6AdYumcU1jpk3pP4m_dUAMHAYbkOeFVGctrJXBviq5h5cOpLvnZOMp8Qd0bna00KOdhqFJH-69-S1xN88Al7OS-kUzHJNAzTNXIXYs2Vx2_IfXlIHObyOLdJHm4tnS9rlLmfSmtFVMmyQXwr1X6-caIPyEku-Vs91LEnEkuPTYsgkLcZJ2jUnCS4xj68VQO3pVkc7eoiHs4iBF6riANCXzNPHMjpbyZwA5MGv7eXqcfXjj0PTrOaW2vysSRIV7Tr8V4PhyOO4sCuyzRl_sNeN8wurv4GeuLh9Or5dq0Yjk9KT484B_QkAaTbyL4yeXv4e7Omo6KjMWSlRXw-QsmdEfsOZ3_LuBitZkC6mS2mpFp92GSBA1ak7Dcu9e6qYgM6IkqSVvMtS-VaIOey_qdPSy7nS-iOczy66jBG7MqnKXPblpOrypuMCYjeZympyWp_Y18GdZ0WD-Quc_cMWMf_hVh7rfkMQKUgGJqG6pu1iiKeZUF6IlGQYFQV547i0jT_DwFt8dKPYJHXBbLuL3PZhtM6PI-0s75oUUb_9Kr59B1VQ3Lhsf6KgL-_Vu-QWRm4yKG8WoyhASVZgBUNFtyrPmeYZUVce4x7nzdwGUHSuCJJvdUXpYjTaIyOJYKKeMTmIW6sFdMVhon3nq3yrpAlvBSyupHT-RRQC1aMFcYQu1G93DcYg-23KDYC4-yfPtP_HkL1i5gJNMgpetyRcH6ECLegCkIe70BPUzGQ9w4GXrDMeZeDmXgIyiRdRdaUFVF-IVG7Z7lKud6ZmNd-tZ5tUk7ea7g&cid=CAASJeRojBbjG4hfFTz1lRUc8Fbhn1ZMkxTS9-HeP0oraATk0xTF-L0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:58:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 94E5
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCIURpoq34J5qZ5Wyai8o-IBR3D6FF4B9euFnE9UjHXcbSt7seFkqFDWLgTfe_rR4RMct-3ExiXWP9ofoyCS0ikfnorGFDGV1qz7ZNE0EYY4Ez1Q2cR3Yr97pqCI8udREX8_fs3NnI8ydCFe9l8oaawegP5Q&dbm_d=AKAmf-DzgO2ptKsWk267rMnxRFYdYW9HXbTSq27BzL7d1ljzWnCI299BXgatUZWVNueTLwZ_QBNK4QS0Kfm8hsTgFpwzcGL7waD3UqRBsmMRJ3RRGVuwR2QGQmPhVKreY2pF11mnUJZM7Mig1828QLVc6x4ZkZcRDd5PZwk0MIE9c52V1aXa2XrS7WGV9rpgSDFdKHWa4MtLNfyQv-inZJu86WYzFFV3xlBWdIng4NNg8UroFQkoWFPuxdDgaqmL0uNhj1FmJB2NcDxP4TTpZLnITOM83UEjOUpYneKFvcPACIQdqInBVxTN1ufXZL6zv56vfNEqQM3M9_-Bopguh4_HWOsBew1mBESnT4dL9EZ6DSaJT5CTa-ObAOwGCHBV81MXZivlbPo76718W1WuD4uxrN7nV-nT0nAJhh2iRj8YWqwW5F0TrH8WmEZvPbjkCC5M2Jc7iqKVivi2JIS9zG_4rj0RYgiH3D7JQ3L4SxNAI5s1Ci8OlUJdieI9O6ANABfUuWWfrPIe7dSHuYjNXlyqgH5HgPSjSkEsB03Fh-aB8lt1ca9P8n7L8wNUqkgAp8L7CS-C6UgrUIYja2CMy99AV8JdoQyRZcNZSyAQ6ZrTPGimbRKyVtnZ23YUuvFqhKOLiqm5RNf_2JbRIRdyypQHR1AiBD4ajpLLVdPdMi0Xc8DkbVq9pks8-7RM1FsluMYPjp26M5ugxN1O8395HMZsAFo2ialUJHoEvZH849xEQcoNgE0CEveQSMcxVh-EjOYE6Lwr0kG4--zygHszqaGKVTCI1z8b7zlI_cvMlaJE__N6Shoj0Ie3Bm1gjA__xEarkycvvskDWNy-Q97LknRssh9ylMc7EWugN3TIpqVPrPChw4xCgA-qoybpGqtqb-E6tP5zWez9GSzcJYeZfHtJofZSeQcekbq5n-o9U3Jf7UJ-ttSd55P488UXZc2PFwk3iO1Q3kHOf4sPRjT4iMF25jSNlYq-BSp4tk_rAZgmFyPvZUFMzrlk2juvIV8g8-O8rLcYfnHpsnYVueGioeK3YvdPKoBWp2rpIi_tJInfQaYEjDB98F0amFmenm8MLYAc0McysRwjjncTitWLzF2zhRkhVxSV-wqcRPeD5YVaaTf86QWwANw4dMijget-pM0rQAOAOM5Aa_hfLhkX5RFEMUZ9RNK4AXaod0oQPfVxtZUuHux8-0oBsW_zF3yJwUy1X7AM-lSXf77zm8wtRy2YpZ8BTtTesN_FJr8sT958JE6nK96w0AFErB59ut8u70xegu9hqoxHBsY3CWDMKGNzH23gRxmshl0vZUvgGoRiTdWzmXsSBfAq_OOFpH3AI8GYQ_14UUm-tkQXHPOgWnm39Iumwl2k3IJIsnytn6t5pVEg0n58DjUz-uVjw3X99HsiH7hp00YxYG18RXjlrTu-jDh4F9aECXoYNk4S2_P37tO1jDi7-cV6h2ITq2rXHoGvkDvlF5D1kksKMcT5A8ebieA9mT6EPK6BcvgNTt8nxr7oy829LMWUbphPaKPzoOab12CJAaW15FDZHbC1mWFzeFE0LkH1eV2K0mJ6XU0DgvoTcnIqdcbtqQuw9hqbs6Tl4v4GO1Ia1LYxmzPhFb4Xh3CR4QZ6EJNDQHlpA9LqgJ0Y6egIOugbXGZGkdHfG0T2tajxDVWlyM-91Na2EOJQ0Z7E33bDiAdqRpoqzHg0mVpDZ0IbZGOclXUAVFs9eNXgNLd9apqhvOZcpmFtnW2xj25KAcQTk4jVMU3kSaLBUi577Nqsc2JTOrpchinPLep6qG4exMfDtwyDtMusB7iC82cKY9PRKXz3TUUMcbfvaeZ6bwTj8YhfLWWirnRfZSyr2ed5b5nOc8D7av_7Mv6cKRW-oaZsvi9dBSPzFkWNO0cag0G4s1nZodJyqcjifS8qqZO5U1rlFUkTGawl7cyqxTsTQVtgQfgzwbfZHCqL5hcHQvVGgd0oXRl9RPLZbJWuBqUsBKv0DriTKHsRGvQYQ5EMpkuiqcyR90hmXZ9QZZGk_XXTTk6cScXdAP0gcPEEOmf4PeX02dHs1-gtfrHx-fMpGV5DJVOCKiWuCnZihpCSDCzBZcHCmmU8XFpia0KwOUlw0BjPiTqHwBhAZUqRCRNLbPQxY_NOQapKlIa5KvXWN3JHgW5mOjo1wlcwIB6mAvlLuT-KiofLTr9g_MhZ2_sgBTe3Lav6hNVznSv5ixRKHjKwJdDK0L142U4xozuJaHWSyOw2JvYxChT7wBYOEdAQE0G1T-d00MCwbiu9DQbV_f5omBmkR3ki9bzbElDnMuxZPVZpAEJoQxxS--hHUNiLnHZ3trveGcQ5XUl3KYvhui3ivlS65GyeBWkcrhtySxIP8G_5p8XKK8cxwb3SKUmxqpT6Zt_MAyES_XBlznbpA8sx7M0j_G9qcKxGqKbjXnvo_uqEhiH-V38xDI5sQjlOyibNsn2ggIxQCq9n0B7eLrf0grQ2J4qYHzUmqCTICTyZch0G7wVo3JR-tAmjka0S6AdYumcU1jpk3pP4m_dUAMHAYbkOeFVGctrJXBviq5h5cOpLvnZOMp8Qd0bna00KOdhqFJH-69-S1xN88Al7OS-kUzHJNAzTNXIXYs2Vx2_IfXlIHObyOLdJHm4tnS9rlLmfSmtFVMmyQXwr1X6-caIPyEku-Vs91LEnEkuPTYsgkLcZJ2jUnCS4xj68VQO3pVkc7eoiHs4iBF6riANCXzNPHMjpbyZwA5MGv7eXqcfXjj0PTrOaW2vysSRIV7Tr8V4PhyOO4sCuyzRl_sNeN8wurv4GeuLh9Or5dq0Yjk9KT484B_QkAaTbyL4yeXv4e7Omo6KjMWSlRXw-QsmdEfsOZ3_LuBitZkC6mS2mpFp92GSBA1ak7Dcu9e6qYgM6IkqSVvMtS-VaIOey_qdPSy7nS-iOczy66jBG7MqnKXPblpOrypuMCYjeZympyWp_Y18GdZ0WD-Quc_cMWMf_hVh7rfkMQKUgGJqG6pu1iiKeZUF6IlGQYFQV547i0jT_DwFt8dKPYJHXBbLuL3PZhtM6PI-0s75oUUb_9Kr59B1VQ3Lhsf6KgL-_Vu-QWRm4yKG8WoyhASVZgBUNFtyrPmeYZUVce4x7nzdwGUHSuCJJvdUXpYjTaIyOJYKKeMTmIW6sFdMVhon3nq3yrpAlvBSyupHT-RRQC1aMFcYQu1G93DcYg-23KDYC4-yfPtP_HkL1i5gJNMgpetyRcH6ECLegCkIe70BPUzGQ9w4GXrDMeZeDmXgIyiRdRdaUFVF-IVG7Z7lKud6ZmNd-tZ5tUk7ea7g&cid=CAASJeRojBbjG4hfFTz1lRUc8Fbhn1ZMkxTS9-HeP0oraATk0xTF-L0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:27:34 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame BECE
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Origin
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 23:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Jun 2022 23:04:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame BECE
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DExaPSaJRdoEU_BMUY9meB_PHdLJZZuK-B14C9hwjCeXRS_MgCO9pmP7RTDH6K_NwC09-c4eSgGAAXdoclzJfWAgIWMQTV_Wa6LFBOXpIv3u8DHIXNkoZClmbLZ1qYfFzmFSE9MoxN3pzQ3rtPeumnlHqk-w&dbm_d=AKAmf-AjPRyog-6BkaIAwjDsJjBFL9wqu7lUJpul35vnwXQJ6olNyph2bBGEo7fq0YrXjwynyqXcUJTYh9UyCNT0eghMnUjJ53MTacey2eLc1YMiPEOEP-Fe6TD8cJ1XYXJioERLA8fgEbl8xpm6EWynUYHUby3OMlTAQsKobXFPMDRcViC7nuJsZqXKywKzcFuJBlUobI0VPbunBMrEfYFTmyiWD4P_PvS8eCHIZhnk3jTzvovky4uxlz0lXcBVb-cthnM4sRuZyZmje4V87QCp0NHw-lC61wBYUu8fxt9G7TduijVBfOMCcRyuhyYNBpgbdphbIz41AcfaPJnfETO1RZlWBY69NYyxIOSk7EsavWbgjVgi0JuamSThsxeUtBd10rL9Y1sQw1Qikhp0dr0i1N5B4c1JKo2Vf7or_U4OV5He5T0kuqdVRuDIxpAVVAz_Q_nTg5GtoYLlOM2MVNN42eqOWYPML6_iTTsMfSVNnltJRRX6HcyKUQQmQ97ZPg1CWZZya_bCs2RDjfHbaJPdXZiGXP8GIOnxtLdZ6N3PgW6T_4zYPVo1X9EihcYwWjADH5hD0Nx7lUWndWRZSp5S03M_Kn55FRvBS547zblxba3rGn0bLQg8y2N1HcwynrpBtW2c1wAG5fmQPuPgBNPk9px-4WYCiYjlkOQLOyL9l_aF6RNxfxHqm7uah19PhGA69t_Rk8faja7rWuXeTy0_YH6phdacxqsRiAEmJp1nTjmwa374a0AfGnhujB_4wzvrJT57y68eiK6kxrydaBuzzyovdLiXH1Mw--pwXyI-LyU5hp1bvkA5s8F-Zd1UqAW8izBlnE4bNxL8ZsMJ8TGmEEg0VuLylSirxe2WliZaoqY6_GMhMwblK033ZDAtPw9_vpIal7-FyqdklrCJXYQZ2nqT0v4hAWWa6IsvWbqwPPRqIeoctGHykBnii1Pa673Fn4XJTOpZIPK8ftwoo0h20Y4q5hC2xiLyr6njSimJVbG2C4xePV64I3Y7OjucADTwVbLYPvrYsoqvAPzs7Q6uttsv_beAwy6IVI1AK1tDE2nJkxaSREqe-2u6H5_kofGChXfGMHpAI1PR2lecK-QJ7IVUROXZTZdBGM9MvsAMEK7k3gPQx2njk2yGNgIZGriLuvfQmCI1A2vFXRw1fRIQ1Zcdk32Nzq8AX6o_rcvycmByfkHOgZVROHjEG7Zg7G4Nvt4apEkni5f4ga9Y2MmHMyQBnFNcdINPReoI8dW6pggU53Yvgz_ciuL3b0tlOtCgItZG9biOFfEcT7qeILCc9ZVLaM00JwoktgkfKM-ekbrPcH-T0fa3PaNK7f1_BLd0XhDmmAIcG9sdM5JxvMuGTVn_WCpCFV7a1YQ0hgav5ktQr5CQMa7V535BzIwzmSMZdk8zirncgA96FqjRB1t4Ma5TxOc7LuS9TG_1lZ2-7XUFEhYfjq3lNNBH4NySOqtwQYO0IZxaVuhrezExarCJIzHWfTz1e_ljN1iZGNTYx-va5vpZq74w6A-PH4xz5SLw5Q9hr2BhUELolYKCKMfVHEvl6HPqzHzj322Vn5RwlhTvHD2NcvMgae-5Pr_qDkciWK8Ssf-YM9zBR_USaYE1Gf9xY1pPlNC7wR0YwraPrOBXGDxXhbYwoc3WnE2M_IQ-qH35jjTBNAE8TUiLS_xSjOtvITg-HhkCbtZt8nmpMuadsXEw4ZVGaep0traboDEw27F4ibIBJ6TLyLIOIgd09u7xdrkcOyovSay667vvWrjA4lQ9B4RfNfY7ywxUCH3WaDiwUfGLF98-Q_K1qRl05qm98BuWfSpcA--8dOwsaAGBYRPlNMZQNq2rNZMw0ONENiGOhJI4D9GEr-hDuZdsxDcUTnux7V06KFW946JYhuflPRD1BU7wirjsEMh97ZV7Xdle9S6yKZUQeMw9XskgBJdO0eJhbHGgCvrlB38rc-hy-3EBqPdLBuRKjXWsVKi38_J9k1UA_jnKZAVOMd7xs7ozeEYUxEgeZUBRdT3LQKQvum4IJ-pR5QhhC-YxLqBa7ugY2FK_sbpeUyWozJ-AZJMoNXnsEa60PKh0Lf5Y5pue4gwAZ5YvJFBveNVq5ie82zEfjme5zFxhZ3I1s0Tp4HU-AD-C6NZoNTcvdTgaW0iazukpbCybpuiMCTNaQUkvjg1e-E8LVMKHDhvfPzr-pIhZRgpcyEyrPeNYtfKGqfkJiUL3bbehZrrUcNhQ8YY1QMtrywTimDAy12cvypT_ErFQZpgSC2b44QUqs8Mb0FQLPktZIl--SIbxe4wQGWG9K80w4XDwBKn_rovuV_SospH35fhuWlzQo2fQ4FHFkH0i6goWMB8m7dNa230h81IvIrWLW0DjgdPrqpu_-V0f-6RliWWCYE_iZSZ18efUeYC12yjwBurgvJwbE_SypXZaj6jWzElwrMNbIuU0nAWLAf2tKu2KTHVQ3JiIdnwzAC4oGsIDHND9NPdmt8-iYRFAHB-j9Ggm-srh9ORKsh5U5Jf3MUpfXuNiFYC0MLN1Rj7lRyiShfL9haZss2qxegGCGpG-YEojJaxeiEv0q2s4iG21IduwO08YhhpwHxpr42ntbgTb4dRrCVYjyEN1y2obhXndHBkAm9gfgw-w4wZZa-4G2f68TKI_1KVL-vw-tGpFsvJq_w4M13L09YmE0KMJ_5HzE6cLE3UbyKkwskmgcfAJUjAY_yqG7v9rJzpasL9n73uJrcztWd0jZ1f5VHrWD4-G4Yip56BJRK2ayD1Wn0FhB6ZmjPQF9JPhiMHh3FnlNpMVDr-wed7u1TdyeKm2wgrr8SP15bjZhLKAhBRifWcXldJecpnP7-pwjReUTWFB1DvaWkrdhrkoO7ucus8h9AG0DezC4c-9dGgImylYbA09mjHm3tY7GfA3nqePU5BiurIS5_Qn-KPQ67oZz_f8VJIdLpFeo8iqnKkYtSL3Re7PmzIhq_1Y3XCzlKyiUaxFkX4zc__JvDc2TAIGIFzfKdkkvRfShNpXOY6eKsqK065jgz2EzAtfwSMgakEXyIR-VaAFw2OuLg6woUL5QsvxiSMRKX2oypCZVFBODCrH0aEfDRjuMPVBB1utuGk1p8CCPzGMW6_xNVrLiKPRot-vMdOhRip9JlfjT0_78lvUB1TYQ1a7E5xeu05Lyw5wqCRcUrxbYp07zOh7rNW7nOJ3Xq4Fn7NaKsLJdWiBO9qIG1jrhzKulRXx7RhWW0_1AT9NkkwZE3ZcZnc15Dj5eM_Bd0klB3qMJK1Jc-C7B9-wNm1-8_zCys8I7o9gQaTDmu5nrcr103pGEHvq4aQL0pgP-DLgtnhQ&cid=CAASJeRooAkLZyY11lfRVEmjguofIIpWos6XmqVGbUNfdA5QNegZPO0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 03:58:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame BECE
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DExaPSaJRdoEU_BMUY9meB_PHdLJZZuK-B14C9hwjCeXRS_MgCO9pmP7RTDH6K_NwC09-c4eSgGAAXdoclzJfWAgIWMQTV_Wa6LFBOXpIv3u8DHIXNkoZClmbLZ1qYfFzmFSE9MoxN3pzQ3rtPeumnlHqk-w&dbm_d=AKAmf-AjPRyog-6BkaIAwjDsJjBFL9wqu7lUJpul35vnwXQJ6olNyph2bBGEo7fq0YrXjwynyqXcUJTYh9UyCNT0eghMnUjJ53MTacey2eLc1YMiPEOEP-Fe6TD8cJ1XYXJioERLA8fgEbl8xpm6EWynUYHUby3OMlTAQsKobXFPMDRcViC7nuJsZqXKywKzcFuJBlUobI0VPbunBMrEfYFTmyiWD4P_PvS8eCHIZhnk3jTzvovky4uxlz0lXcBVb-cthnM4sRuZyZmje4V87QCp0NHw-lC61wBYUu8fxt9G7TduijVBfOMCcRyuhyYNBpgbdphbIz41AcfaPJnfETO1RZlWBY69NYyxIOSk7EsavWbgjVgi0JuamSThsxeUtBd10rL9Y1sQw1Qikhp0dr0i1N5B4c1JKo2Vf7or_U4OV5He5T0kuqdVRuDIxpAVVAz_Q_nTg5GtoYLlOM2MVNN42eqOWYPML6_iTTsMfSVNnltJRRX6HcyKUQQmQ97ZPg1CWZZya_bCs2RDjfHbaJPdXZiGXP8GIOnxtLdZ6N3PgW6T_4zYPVo1X9EihcYwWjADH5hD0Nx7lUWndWRZSp5S03M_Kn55FRvBS547zblxba3rGn0bLQg8y2N1HcwynrpBtW2c1wAG5fmQPuPgBNPk9px-4WYCiYjlkOQLOyL9l_aF6RNxfxHqm7uah19PhGA69t_Rk8faja7rWuXeTy0_YH6phdacxqsRiAEmJp1nTjmwa374a0AfGnhujB_4wzvrJT57y68eiK6kxrydaBuzzyovdLiXH1Mw--pwXyI-LyU5hp1bvkA5s8F-Zd1UqAW8izBlnE4bNxL8ZsMJ8TGmEEg0VuLylSirxe2WliZaoqY6_GMhMwblK033ZDAtPw9_vpIal7-FyqdklrCJXYQZ2nqT0v4hAWWa6IsvWbqwPPRqIeoctGHykBnii1Pa673Fn4XJTOpZIPK8ftwoo0h20Y4q5hC2xiLyr6njSimJVbG2C4xePV64I3Y7OjucADTwVbLYPvrYsoqvAPzs7Q6uttsv_beAwy6IVI1AK1tDE2nJkxaSREqe-2u6H5_kofGChXfGMHpAI1PR2lecK-QJ7IVUROXZTZdBGM9MvsAMEK7k3gPQx2njk2yGNgIZGriLuvfQmCI1A2vFXRw1fRIQ1Zcdk32Nzq8AX6o_rcvycmByfkHOgZVROHjEG7Zg7G4Nvt4apEkni5f4ga9Y2MmHMyQBnFNcdINPReoI8dW6pggU53Yvgz_ciuL3b0tlOtCgItZG9biOFfEcT7qeILCc9ZVLaM00JwoktgkfKM-ekbrPcH-T0fa3PaNK7f1_BLd0XhDmmAIcG9sdM5JxvMuGTVn_WCpCFV7a1YQ0hgav5ktQr5CQMa7V535BzIwzmSMZdk8zirncgA96FqjRB1t4Ma5TxOc7LuS9TG_1lZ2-7XUFEhYfjq3lNNBH4NySOqtwQYO0IZxaVuhrezExarCJIzHWfTz1e_ljN1iZGNTYx-va5vpZq74w6A-PH4xz5SLw5Q9hr2BhUELolYKCKMfVHEvl6HPqzHzj322Vn5RwlhTvHD2NcvMgae-5Pr_qDkciWK8Ssf-YM9zBR_USaYE1Gf9xY1pPlNC7wR0YwraPrOBXGDxXhbYwoc3WnE2M_IQ-qH35jjTBNAE8TUiLS_xSjOtvITg-HhkCbtZt8nmpMuadsXEw4ZVGaep0traboDEw27F4ibIBJ6TLyLIOIgd09u7xdrkcOyovSay667vvWrjA4lQ9B4RfNfY7ywxUCH3WaDiwUfGLF98-Q_K1qRl05qm98BuWfSpcA--8dOwsaAGBYRPlNMZQNq2rNZMw0ONENiGOhJI4D9GEr-hDuZdsxDcUTnux7V06KFW946JYhuflPRD1BU7wirjsEMh97ZV7Xdle9S6yKZUQeMw9XskgBJdO0eJhbHGgCvrlB38rc-hy-3EBqPdLBuRKjXWsVKi38_J9k1UA_jnKZAVOMd7xs7ozeEYUxEgeZUBRdT3LQKQvum4IJ-pR5QhhC-YxLqBa7ugY2FK_sbpeUyWozJ-AZJMoNXnsEa60PKh0Lf5Y5pue4gwAZ5YvJFBveNVq5ie82zEfjme5zFxhZ3I1s0Tp4HU-AD-C6NZoNTcvdTgaW0iazukpbCybpuiMCTNaQUkvjg1e-E8LVMKHDhvfPzr-pIhZRgpcyEyrPeNYtfKGqfkJiUL3bbehZrrUcNhQ8YY1QMtrywTimDAy12cvypT_ErFQZpgSC2b44QUqs8Mb0FQLPktZIl--SIbxe4wQGWG9K80w4XDwBKn_rovuV_SospH35fhuWlzQo2fQ4FHFkH0i6goWMB8m7dNa230h81IvIrWLW0DjgdPrqpu_-V0f-6RliWWCYE_iZSZ18efUeYC12yjwBurgvJwbE_SypXZaj6jWzElwrMNbIuU0nAWLAf2tKu2KTHVQ3JiIdnwzAC4oGsIDHND9NPdmt8-iYRFAHB-j9Ggm-srh9ORKsh5U5Jf3MUpfXuNiFYC0MLN1Rj7lRyiShfL9haZss2qxegGCGpG-YEojJaxeiEv0q2s4iG21IduwO08YhhpwHxpr42ntbgTb4dRrCVYjyEN1y2obhXndHBkAm9gfgw-w4wZZa-4G2f68TKI_1KVL-vw-tGpFsvJq_w4M13L09YmE0KMJ_5HzE6cLE3UbyKkwskmgcfAJUjAY_yqG7v9rJzpasL9n73uJrcztWd0jZ1f5VHrWD4-G4Yip56BJRK2ayD1Wn0FhB6ZmjPQF9JPhiMHh3FnlNpMVDr-wed7u1TdyeKm2wgrr8SP15bjZhLKAhBRifWcXldJecpnP7-pwjReUTWFB1DvaWkrdhrkoO7ucus8h9AG0DezC4c-9dGgImylYbA09mjHm3tY7GfA3nqePU5BiurIS5_Qn-KPQ67oZz_f8VJIdLpFeo8iqnKkYtSL3Re7PmzIhq_1Y3XCzlKyiUaxFkX4zc__JvDc2TAIGIFzfKdkkvRfShNpXOY6eKsqK065jgz2EzAtfwSMgakEXyIR-VaAFw2OuLg6woUL5QsvxiSMRKX2oypCZVFBODCrH0aEfDRjuMPVBB1utuGk1p8CCPzGMW6_xNVrLiKPRot-vMdOhRip9JlfjT0_78lvUB1TYQ1a7E5xeu05Lyw5wqCRcUrxbYp07zOh7rNW7nOJ3Xq4Fn7NaKsLJdWiBO9qIG1jrhzKulRXx7RhWW0_1AT9NkkwZE3ZcZnc15Dj5eM_Bd0klB3qMJK1Jc-C7B9-wNm1-8_zCys8I7o9gQaTDmu5nrcr103pGEHvq4aQL0pgP-DLgtnhQ&cid=CAASJeRooAkLZyY11lfRVEmjguofIIpWos6XmqVGbUNfdA5QNegZPO0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:27:34 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 33D7
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655526712&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712666&bpp=1&bdt=905&idt=295&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Mt01NJdoyc&p=https%3A//dengi.ua&dtd=302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1A2E
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 13:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 13:31:50 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 75DD
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
54341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sat, 18 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1A2E
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61563b78ef92c7b090e047c4c152f6a1853cca61f45cefea1155baa73fdd06ed

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9278
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
54341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sat, 18 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E22F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
247013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Jun 2022 07:55:00 GMT
expires
Thu, 15 Jun 2023 07:55:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FA8C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e32d82eb1abe99026bd3e1e9278d9c646b4beafbeada09e243656e5d62606b75

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 94E5
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 13:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 13:31:50 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2439
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
54341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sat, 18 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BECE
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 13:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 13:31:50 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1C39
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
54341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sat, 18 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BECE
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8d86cef844b576c416d227db472a310d92e737dd778c70e184bbbdf1a2a27f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 94E5
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
465e244b397fcad8fe7b66a8f6e6e87200e65c3213bf4da1ff0584c90de790cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=b1a45f41-c850-4c1a-99ab-f9f20ac940a8
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jun 2022 04:31:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DDCD
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
247014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Jun 2022 07:55:00 GMT
expires
Thu, 15 Jun 2023 07:55:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 744C
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4836930187&adk=3213842082&adf=162540587&pi=t.ma~as.4836930187&w=300&lmt=1655526712&psa=0&format=300x250&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655526712667&bpp=1&bdt=906&idt=305&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1914796011586&frm=20&pv=1&ga_vid=1634419419.1655526712&ga_sid=1655526713&ga_hid=1593202353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31065741%2C42531605%2C42531607%2C31064018&oid=2&pvsid=550910179926182&tmod=1430349668&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AfrtZfKdhk&p=https%3A//dengi.ua&dtd=310
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FA8C
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4IOWVRcEelx7D2HIlKx92DW8vOgqTmkjfUtP-3RSQYOxJYnCLs1Zef3bTCX25Px0ny3u-Ua_B9yR88zZkGJABTjF4M9NRJMWWiph00hgSz88rsyyVPl09ffHYk2uX1rbKK_cJDsV73jmBSU9i7gLKyLDSiGiX5jUuFuNYkq7W3yKCmCuOskPA5fT3t9Lowurh2yiGV_H21wuNu5DU_Q_6N4D7om6eOHonWVAtyRHB3o-cr-A7e_snQjjqrxDWeMQ_c9-h_KpRN10dwUqsQevxUbHzKF04PBsLl79DrA7OYTXOAb1CmdIxiaB8fKNUw3IatNN7-4yei_l2rcX3Wy_RTI64doeJNES9iytRx6i8w13OBntYGXim-7p_v8_fJ7Q7e9sflzXdSKAtgHrNJ-TNAFefc8VdywxwMN54R_3EHEZlx51MNFLD00Y473r3dKh7Jh60_CKe9zoyhlyUjEFFt04A6ZLj-dlIa-V_0bNNR6zcq4zF9jh0eQmyOTaZjyoPYA_c3GMWbZxQVy-_7FCfNO9e0uoA0GkM5ykAWb7bUeGpdTK6NyMSrOOW5oHsZTRA1roi34NAWIG_XyAG1aZezH7A8AovceW1RtHp6S0-aDzBQRvi0a7g__6PXEIRFa9-_VbAXtPZMzRDeBxGp2Y4Y4w0n1wdQ7SuLX2Q_RLopI7aS3D16XsyFLZJqWeifGpL9iruno0qjwEU2eiE9a74vlDEoikag-zczDkYIqMmXJmKyHfm8Ji98lYfKltaWy_eokv8yAVY_CMezRU7sZYCu0MpQOvNUutSacuAsZtvLRv7OiC2rxYloSIKohDvFyFEjorbvzYUy2cDFKIgwgyc9GB-7isadfwauonN4fJ0UzkTTcZzkRbcwm0XzTNl4sQg5xaYSuj_JuUInoFSLGNEMTilVkKjhlkoEb14m-djfKrH-8kEDXxzvR6oKaKSrOOAMaYRNFKprUtToqJL0sYgwC-8qIA2e-AYSLViOTxopvD-K3CYU4o9LaSuMeDMaoUpa6SO_EbCvI8bZ-8EN2teCQbfPoP7KtgmcjDYJU_h5FpaW8LYmn_uJgXaXAhHTwDaB3Is5r-rFauT7Dzv0fi2x-fI2Bf0DHM5-0D6qD4ToTfyt6JBU_oi0LNVRBZulVXx5DyYrefiFT9zAA4ZdoYIVcUpZ6i6BnyLHe8oaNxqhJAtuPd8FHiE6qV5nOqYHFCGFkrrnGYSJHHmgCUovcRU2ivlM94RBS7UrT2FSIoRjvzhZnrtARPHHvQ8u10tjZKYIWNY5d1V3AgtavpP68IL0YI4YWPIy5zruruud1unkjUFDvt9dTXGWspz6AA7gpNnkSyBNzYyvKC28_FSoXU41Ex9zwAv3Kn0OoKRddLKGeypfBQgBQCmAKmpeh35f-Qww2XcxIPgORLtnQ&sai=AMfl-YSmLOJhJaOvymoZ6iRJC8SjnKZSKEnuJ-VOxz3Lpk5EjkYAGb_xidmi8_xpIEiaykGfSCmKz0yyYf-_czmd3bNkZk80e-P31bnux-dOe-n--QQcIrhBRp84hSfLY9ycJ19uYksadZ8vX7383IWny-BKpkkwKiH-EbM6k5YdOGlD30VPjYSRZH9F6eC0clG0oxxi2t95d6gGG9COJwPpLPqQ&sig=Cg0ArKJSzH-MBXyyAN4LEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=224&vt=11&dtpt=223&dett=2&cstd=0&cisv=r20220615.02148&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvV_FWtRElRv2ASh-DzhqRKu5U6Q6MkXx2vAROSNhHEpy6JTPuzdtBkBztRB3KQyCrqBzgABOc6EJ5h0WZARqsGZR10oH7r0y3oM6-MhDvabZBcjxfuQE3gjV3HTH77MSp0POyoc9RdYyMGwWLq1mFAy33Fg&dbm_d=AKAmf-DuZ70V_zILK5P7rDfu2boP1Qd5LwLopukGxg-1blv3T6jUHtTLGTE5a-Y2R37mfZ_XKcz3Vh5em2mA2Ig4a5ogqOOFFg0n8dCaE1AB5fmkB7aWOq1TnlRyPjdI-XvdIVfEMekvziTxnR1_crybclTLeYdw7mLsmWi761wYKxRdm3nAbJMm120tKumKOYmo9dxTLNGQEiB3jtPr21e6o4rXUt7VHG_O2ea_EpHvqkYYAj7qzTQ6XM5y7tQ3EA1C4eAtDgbdrGxJO2Ihi9Om7_5d-Mg0fCRDmWvh6PAlX-y4g6Kxr5yI0-KnBh2SOiW2g_eYEtkDZK3lAUrGHm9UxpIzOSqtCgSoYbTNVYLMc3kCBg2LnhQLhkOgaHJ8bVhbHmLEvABFqZlF3A5vtZvenKxel9mjZYn4eMmwCWchtReok8q-buc5HueX09wa2BZxGLhCqsUqtoiF7FsNJ6-jeCAPl__x12Rh4DjgetaXOPHYZHN5QTTgOTyC6JD6dbwNjCe3AOkklwB7Ksk5w4dm4TDvM-4DIWWmaIEAO6wv-P7J5XoL2h-DwQ2x0QrXaOUyO_W2keZgwF8vlPrqMngR2Ip32Dx9CAUjX-6SVLIHjleSysWBmXIAMmPiRz6ttszolm7O10mUFuMKoWrMoDSaM36cW0d4nSwEuhIRjH4ZzJ9EPrJVg-mWwgW0P18ztd5_IvawsMjv1sutoClVv8mg3aXdNQLdp_OHA2DV3iET3cRw8aPRfezkbL-lW77T6thaCip7TNiZ0fdkJUvl4CGYG6OF6pk1S8_cD_st-YMisLEZxbrErOOOWO2I-l0rRRqqagXOuuWwsSZ6RZma5CNCbYFm9DoA_DDPqCa_-ZxMu56Pt9_GoHPRkqepbuFH-gt4ZUbplBvIQPqhDa5ILD7WkoF6Qmco_mn9EQUkFWJFS5Zl8u5ndMJT5DpMjGPT0Xyp-h28gN131wbsTlA7j2cxoD7L3DdJ_s2wdLKVV-3fpdJQ8YdOteOEx7WmNR5d6vZIqKGReMXGTfKVEFEEW4cuKkI-K6tltsC9i5q4BkwKWeBJtmhTDJiKl_BnxIbISKfWCjUGGkZorvzvQTWcA73HJyZlu6joyHvEmkobVZ1E66_Wd1h3nxiuIVhUuhFE7Db8k9mnvrgGcBkDDYAQQl46f7X_QFJk2mU74HjKiOL4uIk_6aBUQFtmW3c3nnwtwLnWymwA-HOjTUZ-9R_Xp2KMOBzEK3lKjFYNH3AgrCpveReqQ_p9HfnSbbo0cMVMHLgz69Qv79xMw6j1j2lTwOfdPY7gFgGm5bvrt99QG7DRj9zsr8j8aMxH4dWNdYq0cCXK_cqhj0Jt2K4Jq89eC8XihM3IcVkXsYLXA2seUvsdS2Kxy6CxiVnTXe0elmvkXZ4U6f6v5ayC_Ft4zB8Yet64Ryf2v4W4lwFv3y83tR6P8TGSeE-t07trVaIff3hF1wQ5OFx9-fP-ByfgiiqHKtjiNaWmrvMuSMYzQ9qkGWGFZ_Rzyn0BCBGl-ogzsdRUyapxuC-6YyTPbzwY6yJMSOA-M0dIhUZ4HsYYh6ONijdyc50QcbTtAu4MqNEdstU8ibEcgB5m9bYOLZ85VQMSW7Bru7WwdnTyb4YXPu3FpKjpMYIslYUfvgZIzUm-R25kQckmGTYXLOi28jpwJaR4876_p_erltDWA7YUQgF5wJmF-KIYtNGe0hm_9g7zFE__W-5cXvgD3mA9sbigwRnNA1FSfOQqZSljbCMnFjs8Rv6lwopDh3pG1BNr_N1GENQl01HGkRs4rMCNnTAXDsPZsXCRP7Q8jTm2iCLUL7gAY2trg1chr5STnLhBUCt4iYVr5RMR-py9PNToNnjS0azYQdPe6IzggDlnN1V2CxEoxuyT_-nKU1wQqF1p7WBkGwBbPcLuTf8OMhFNgvstG1YKt9W-xXivK9MLLRtKjaIzcFaBv4bh4cCpVkEjDPdimjPghsy7OKeXLuY-EnWlmo1ZyRHMzvVoYZyoDBnBM24zgmkm5wP8Givb4ZRKhwtkHbNvYDRb4lZZ9xzxO2JaOKfNfFhP947zBsdNQfhlK7MAxzFO-9k7u_DNJ7I3_GeU4eXD-mHflk-8zqF1jPQzOpfpng1DwUJ6VrczzARTIOWO3kLctC2Ey7NXgLrsg1mWPQ0knGRO0JaghD80cwT-2i0IOM7XLFBZS6qSkUO_Surd0MusxnyX3T6SrRlX4pE8Ti9puw2ZPHYI8jbkXYZnz_Qd8j7MG4RInq-z7fvdqJWdpPks9CUypJqn9A9XxQ7OgBQt53PSxZL3_0KuBUvu2olSvKE7CZ_YLqAnRDHQjbXFXfqd8Di8cGVD7_vv1oZ3gipRyHV1xtBw7siUodi0aFYt-9Y4gEqdwTatM-OO0IJsyyvasj0EV6Kc-p4jzVM6xlrtewT7Yf2gFyy1xKKfAiS8yeYPB532susCIeSXyetmI6BC5lCe-t_7MuNkd6_9oC4c4eoYr2hQ0jp7pwUdqxfes1KiARh6ehaRTmgtmT1m4i1TZHMs9QKXrfeslGllPFwqDOGP5hhroj0IdD1fQ_sGAKXFN2NBL12qho3pX1X-e8idq3uNwhtNbTE-ZSLisv_P5_rSHxuEDyMeDPMc7ygtZj2Q4WR-Zbut--AwW_XVjXluiiIQHzAuAnhyg4bbanRtAhP1VyV3AQ2MIgDZF5-i-MgLcuASgd2FN8mDyDH7SeAIlamIZ9hCelStCw88HUiKQ3dhwl-yNPZiqGNnuYtSmtlCVFoHI6o5nZTr-hKd3L5c69UTd4kRn_cHRdDGf8l6wqsOOsNmuNvAmC6p92bn7MsQfHBxmbK8kb-f3_bntqWRfmoVyW3EifWendcTNqBE97SPuG1EZ7hkzOzoIr2MJ-PRxk-ahR2mvkSpz1Rspw230gm4WIUIe_5KXZYhCupSdk7LLVZd44MuSS0cvWxCQIYsOBylElu6vBzUSuCNv7fuCVmufg7bEAutwO_imYuGOZ43LHjhzipME1XUvP5uOxxeTZdswHSjczINUYtVgULoyN2BUxS-yQrJ7UIh8IqgM6yMez2pLLW_SMVoNzDXlGcbKBQ-Oo7okkX9JrvcT3DOEBj5vxcyJ7IyixJZw0qdtWin2BrCmxm-iKiJgIT6otrD8zMoHP70e2SdIZsniIyfm788-Ey3goPX1h2Bdq-yKgzPvzEbEQ6CRKzjc0yFRxcte-X3GpnnsyuSUgHWqTpQ2jostS9O9rG8Yt9uKkbDPordOUTfp9GNFcBnCqlDQB_hBr1SXa0ifrkEsUh6TNITFmeaswHQfL_iFzhk56odDlctzmVdKEzPh5HU6NOCBIUQ738qiJCXUOnvv649zBNQTrYH4K6Gu_RmWMrz-gUh3XwFVRvaYnboxN1DuFMxLQgB9y01Wbi4wcg-2GudgVD2I67Xh4EJ2WHzloU-TqAczA-GpSfVUY-OYUy7f5vsPo_dbbJtiypEyHu73vlsB_jjNBg_tc54HNgr-5mSOJZ5ExBbz2hfRXLW10K3m9TSoNYR3p7HJhwC5h4eKGEpz5axK-tCPTT0cE0&cid=CAASJeRocZoHHWsl-dbNjwgHkdipg12sgGUVa6_8QRpYcbHyjn-1vH0&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CD2C
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
247014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Jun 2022 07:55:00 GMT
expires
Thu, 15 Jun 2023 07:55:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9B41
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
247014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Jun 2022 07:55:00 GMT
expires
Thu, 15 Jun 2023 07:55:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 75DD
35 B
362 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHOMJPKBQZLELAZTjRugE14&google_cver=1&google_push=ARnp8GBVmks5zc2P0_1oo3IODGMiyGgdWnvecNFq7twNz4nMXY1LoH5eHK5svNEv3DSgqqqlRlsERqb5MiJjSQHfptMWhKeMo4oXfA
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 75DD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBnK-MPyaYcuD0XGkvF-iBU&google_cver=1&google_push=ARnp8GAoTT_NiggS8GznP32mzExPB9Ad0hB-HTicTz6I9oeFX9Hmd3PR5BKW_8tVhWUGVawe-QLDqRAq59g6Xx...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzExMDQzMzA5NDI4NzYyMDIzOQ%3D%3D&google_push=ARnp8GAoTT_NiggS8GznP32mzExPB9Ad0hB-HTicTz6I9oeFX9Hmd3PR5BKW_8tVhWUGVawe-QLDqRAq59g6XxglVS...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzExMDQzMzA5NDI4NzYyMDIzOQ%3D%3D&google_push=ARnp8GAoTT_NiggS8GznP32mzExPB9Ad0hB-HTicTz6I9oeFX9Hmd3PR5BKW_8tVhWUGVawe-QLDqRAq59g6XxglVSXybCnxQfl_Pw
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzExMDQzMzA5NDI4NzYyMDIzOQ%3D%3D&google_push=ARnp8GAoTT_NiggS8GznP32mzExPB9Ad0hB-HTicTz6I9oeFX9Hmd3PR5BKW_8tVhWUGVawe-QLDqRAq59g6XxglVSXybCnxQfl_Pw
Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
dot.gif
s0.2mdn.net/ Frame 75DD
43 B
65 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEM24NktVrHkIwO0otQiPO-M&google_cver=1&google_push=ARnp8GCemx7jzO4ZZHU9c0dJhiqE-_yc3wBsAfcvu0bNdjk_klNi4TnBBcYExDbF_l_h7LveFCx0TfS1gIpvTl1-edOsemLQhod3yg
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Jun 2022 04:31:54 GMT
pixel
cm.g.doubleclick.net/ Frame 75DD
Redirect Chain
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEIO4OPqEoXbXzqo06l65E10&google_cver=1&google_push=ARnp8GCXtrQeAtiJdgem2gCF2jEvVIMePNGrqbqUIlW1hbLGMhIBQve33NtyhCQYVQkUKwQPJ6r2Y4vFL9KacJnci7wjUgK...
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=OXVnTEV1b1VKcnJG&google_ula=2046794&google_push=ARnp8GCXtrQeAtiJdgem2gCF2jEvVIMePNGrqbqUIlW1hbLGMhIBQve33NtyhCQYVQkUKwQPJ6r2Y4vFL9...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=OXVnTEV1b1VKcnJG&google_ula=2046794&google_push=ARnp8GCXtrQeAtiJdgem2gCF2jEvVIMePNGrqbqUIlW1hbLGMhIBQve33NtyhCQYVQkUKwQPJ6r2Y4vFL9KacJnci7wjUgKE1RqJMg
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=OXVnTEV1b1VKcnJG&google_ula=2046794&google_push=ARnp8GCXtrQeAtiJdgem2gCF2jEvVIMePNGrqbqUIlW1hbLGMhIBQve33NtyhCQYVQkUKwQPJ6r2Y4vFL9KacJnci7wjUgKE1RqJMg
Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
us
sync.go.sonobi.com/ Frame 75DD
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DARnp8GDr-guG9G5u_306tHbNgs1Xg24S_oSK5JAgkhWqCu3PHg1Hc78ZqFK6ryaQbgXVP_HQFC9hEfU8kRd08pnnEm2fraDlrW8L1A%26google_hm%3D%5BUID%5D&google_gid=CAESELdmGEHXEASPF0CYP3DYeMY&google_cver=1
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 75DD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDT4vW2KbU9UxYIZfGe_-a0&google_cver=1&google_push=ARnp8GDlJXbZZK_T4505PUVmV5thi1ZZF6Lpmgzi06m2_6ObQpZuNGR0ci6zlzJrHG4SX0C-Yf0ZrQ8mNtzKv0UVXZc5PHKu5X...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GDlJXbZZK_T4505PUVmV5thi1ZZF6Lpmgzi06m2_6ObQpZuNGR0ci6zlzJrHG4SX0C-Yf0ZrQ8mNtzKv0UVXZc5PHKu5XO...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ4MjM5MDQ4MDEyMTM3Njk3NDM5Ng%3D%3D&google_push=ARnp8GDlJXbZZK_T4505PUVmV5thi1ZZF6Lpmgzi06m2_6ObQpZuNGR0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ4MjM5MDQ4MDEyMTM3Njk3NDM5Ng%3D%3D&google_push=ARnp8GDlJXbZZK_T4505PUVmV5thi1ZZF6Lpmgzi06m2_6ObQpZuNGR0ci6zlzJrHG4SX0C-Yf0ZrQ8mNtzKv0UVXZc5PHKu5XOZoQ
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ4MjM5MDQ4MDEyMTM3Njk3NDM5Ng%3D%3D&google_push=ARnp8GDlJXbZZK_T4505PUVmV5thi1ZZF6Lpmgzi06m2_6ObQpZuNGR0ci6zlzJrHG4SX0C-Yf0ZrQ8mNtzKv0UVXZc5PHKu5XOZoQ
date
Sat, 18 Jun 2022 04:31:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
um
cs.emxdgt.com/ Frame 75DD
0
59 B
Image
General
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEAczOUU0zYn7NjRfVEFmibE&google_cver=1&google_push=ARnp8GBB1ybXv8p7xWoQXGRe204KEBosa6enEqqmBxdQ0GsbXrNvFJ2NCCDC618F7KCBHN5jS6trZ6LBjqsEG26x2t1ez38vawf1XW0
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:53 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 75DD
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHaNwGqxvnj2y7h-xMStbdkGycBg6HNlf6Vjl0N3xB_voSM1_UogzBXWYysKhco1VKhXnvgw
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
google
match.adsrvr.org/track/cmf/ Frame 9278
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGdUsHqjPI62G2ruqp3P48M&google_cver=1&google_push=ARnp8GCGfFnDLN5VY8h74se2JgSdiV9sBO4X8qtkQ_rsVOFUKSQLLZewuMhthhQgUWQ1MRjZ31Wzpd5f8IBx5ZuzRmMskjhZIhI
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9278
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEN3ITnbRDVpVb4PFEOy95Sc&google_cver=1&google_push=ARnp8GBW3KuVBlS-hCm3C0YqVd-ACqfXAxP-YLBb5JLStKEVh099Yk7r6LFzzKVnytUOXY2XA8bh5z5WJb8rJJ4buMJaGrFhC7Ta
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 9278
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEK5VOSFLDPImR1WGEJXUv84&google_cver=1&google_push=ARnp8GAOXtjitE_x9fFngG5YslMK7CKd6sTJNWdeuqLPKQL-pvUwZlLMnNlRcll2O9rLhrgVLWwbgu3xKxIzh78N...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=C98iFhHhTgqOxuTbLbiKsw2&google_push=ARnp8GAOXtjitE_x9fFngG5YslMK7CKd6sTJNWdeuqLPKQL-pvUwZlLMnNlRcll2O9rLhrgVLWwbgu3xKxIzh78NCiYp9saUUc-M
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=C98iFhHhTgqOxuTbLbiKsw2&google_push=ARnp8GAOXtjitE_x9fFngG5YslMK7CKd6sTJNWdeuqLPKQL-pvUwZlLMnNlRcll2O9rLhrgVLWwbgu3xKxIzh78NCiYp9saUUc-M
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Jun 2022 04:31:54 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=C98iFhHhTgqOxuTbLbiKsw2&google_push=ARnp8GAOXtjitE_x9fFngG5YslMK7CKd6sTJNWdeuqLPKQL-pvUwZlLMnNlRcll2O9rLhrgVLWwbgu3xKxIzh78NCiYp9saUUc-M
x-host
tde-deliveryengine-production-d59578b4c-6mm68
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dot.gif
s0.2mdn.net/ Frame 9278
43 B
65 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEFj9uk-_LyuAFBq7_aio3_g&google_cver=1&google_push=ARnp8GBVDgPOzX45qbjqQwmuS46Tc7jabvidH6IWiavtPpo6l5UHV7Un0b7szYdxP4mi7NN6hiSLoEdtjGxtKalsG6EHGJvLiEL6
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Jun 2022 04:31:54 GMT
pixel
cm.g.doubleclick.net/ Frame 9278
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOwdnCDvWxf23owH4lR3u7k&google_cver=1&google_push=ARnp8GBcazQ51LLIm61_jubh-3Mxwk_IQOaoMDwRASCQ9jBuh5WVTmxcS5xMQjcMMgk8HGMMOLnC9Z4142E3I1c9gQkhc1Y...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOwdnCDvWxf23owH4lR3u7k&google_cver=1&google_push=ARnp8GBcazQ51LLIm61_jubh-3Mxwk_IQOaoMDwRASCQ9jBuh5WVTmxcS5xMQjcMMgk8HGMMOLnC9Z4142E3I1c9gQkhc...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBcazQ51LLIm61_jubh-3Mxwk_IQOaoMDwRASCQ9jBuh5WVTmxcS5xMQjcMMgk8HGMMOLnC9Z4142E3I1c9gQkhc1YSRsGH
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBcazQ51LLIm61_jubh-3Mxwk_IQOaoMDwRASCQ9jBuh5WVTmxcS5xMQjcMMgk8HGMMOLnC9Z4142E3I1c9gQkhc1YSRsGH
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBcazQ51LLIm61_jubh-3Mxwk_IQOaoMDwRASCQ9jBuh5WVTmxcS5xMQjcMMgk8HGMMOLnC9Z4142E3I1c9gQkhc1YSRsGH
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 9278
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPgm1AhudMTsu5UPC9uJj0I&google_cver=1&google_push=ARnp8GBf_w17YuItjIK6iqQkdDtFd5HuHD0tVeP-MmXCU1n1M4f11KnnN3DruBPyvKs2x03VVCcheli1XhdaMmLfV...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPgm1AhudMTsu5UPC9uJj0I&google_cver=1&google_push=ARnp8GBf_w17YuItjIK6iqQkdDtFd5HuHD0tVeP-MmXCU1n1M4f11KnnN3DruBPyvKs2x03VVCcheli1XhdaMmLfV...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBf_w17YuItjIK6iqQkdDtFd5HuHD0tVeP-MmXCU1n1M4f11KnnN3DruBPyvKs2x03VVCcheli1XhdaMmLfV1Jtk7sFSFtS&google_hm=E1FvtGZHUTeVMf9ZQ7WVCk8S
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBf_w17YuItjIK6iqQkdDtFd5HuHD0tVeP-MmXCU1n1M4f11KnnN3DruBPyvKs2x03VVCcheli1XhdaMmLfV1Jtk7sFSFtS&google_hm=E1FvtGZHUTeVMf9ZQ7WVCk8S
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 18 Jun 2022 04:31:54 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBf_w17YuItjIK6iqQkdDtFd5HuHD0tVeP-MmXCU1n1M4f11KnnN3DruBPyvKs2x03VVCcheli1XhdaMmLfV1Jtk7sFSFtS&google_hm=E1FvtGZHUTeVMf9ZQ7WVCk8S
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 9278
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECBC2ollYuIS40aMNXGocek&google_cver=1&google_push=ARnp8GD1fy9vAi7LnQBAW5Xi0ghoALqtBNV2ywKduypChMWN9GtWb6160_4jesnXnwzv4Mvzyhx1SwRBGElZvj0w...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GD1fy9vAi7LnQBAW5Xi0ghoALqtBNV2ywKduypChMWN9GtWb6160_4jesnXnwzv4Mvzyhx1SwRBGElZvj0wyMiMYON1DEva
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GD1fy9vAi7LnQBAW5Xi0ghoALqtBNV2ywKduypChMWN9GtWb6160_4jesnXnwzv4Mvzyhx1SwRBGElZvj0wyMiMYON1DEva
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Jun 2022 04:31:54 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GD1fy9vAi7LnQBAW5Xi0ghoALqtBNV2ywKduypChMWN9GtWb6160_4jesnXnwzv4Mvzyhx1SwRBGElZvj0wyMiMYON1DEva
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
95_XXfqdXnNinE6tMe4QUScyiYTuetICcAO7fqm2cg3sR6opsB2Dag==
attr
cm.g.doubleclick.net/pixel/ Frame 9278
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JoxuY7lgfkziDOt2UVn98sok9rScPGTcchDGzRPI4zLgrjBoWqGv3RVnKJq8VmZzI1_14S
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame 2439
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJODQI0942UdF0nGmVn42ec&google_cver=1&google_push=ARnp8GCUW2KMAzqz_ot4-sxE5Pk4XSwYrwnGI_z8j2UE8dvqMn-HOw7Wc6BhVyxU9_K3djgIvik6JkRwUsps8NyI1n6KhMKUCjk
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 2439
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAjORYUIWEPmk0t9bgsec1M&google_cver=1&google_push=ARnp8GCcDV-uX0p6QZq5OoAFPoLK2G6oyB4cjGplyTl1maYczzr-mEXL3cXD_S2MaR3ztV8MxPsudioaGXroxkwe6kUyaAU...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCcDV-uX0p6QZq5OoAFPoLK2G6oyB4cjGplyTl1maYczzr-mEXL3cXD_S2MaR3ztV8MxPsudioaGXroxkwe6kUyaAU1amE&google_hm=ODc3OTMwMzUyMjMyOTY3Mjk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCcDV-uX0p6QZq5OoAFPoLK2G6oyB4cjGplyTl1maYczzr-mEXL3cXD_S2MaR3ztV8MxPsudioaGXroxkwe6kUyaAU1amE&google_hm=ODc3OTMwMzUyMjMyOTY3MjkwMA%3D%3D
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Jun 2022 04:31:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCcDV-uX0p6QZq5OoAFPoLK2G6oyB4cjGplyTl1maYczzr-mEXL3cXD_S2MaR3ztV8MxPsudioaGXroxkwe6kUyaAU1amE&google_hm=ODc3OTMwMzUyMjMyOTY3MjkwMA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 2439
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJDoTKSEov8YBeM6zGHXpJM&google_cver=1&google_push=ARnp8GDmEh2BtCaTasoLtnW5Qd7dwm1-xC-f6XYcigQHgvurjV6xKJujv2DweH3q2o8NH6ApCcxVCq4LRPeMnkglYk005Yq...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJDoTKSEov8YBeM6zGHXpJM&google_cver=1&google_push=ARnp8GDmEh2BtCaTasoLtnW5Qd7dwm1-xC-f6XYcigQHgvurjV6xKJujv2DweH3q2o8NH6ApCcxVCq4LRPeMnkglYk005...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GDmEh2BtCaTasoLtnW5Qd7dwm1-xC-f6XYcigQHgvurjV6xKJujv2DweH3q2o8NH6ApCcxVCq4LRPeMnkglYk005YqOeNnz
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GDmEh2BtCaTasoLtnW5Qd7dwm1-xC-f6XYcigQHgvurjV6xKJujv2DweH3q2o8NH6ApCcxVCq4LRPeMnkglYk005YqOeNnz
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GDmEh2BtCaTasoLtnW5Qd7dwm1-xC-f6XYcigQHgvurjV6xKJujv2DweH3q2o8NH6ApCcxVCq4LRPeMnkglYk005YqOeNnz
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 2439
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EfFA7MO3RPm3ypYbf9ZqwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EfFA7MO3RPm3ypYbf9ZqwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAWgdIPkLr1e-YbWQyL7HDKx_7ia478Lhz3DFm7ussObvaOf_kqgTAW_6LxRKEIk_Y1J2hG8-SCMuTYEF7Xaew0ZBCyEkXA
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EfFA7MO3RPm3ypYbf9ZqwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAWgdIPkLr1e-YbWQyL7HDKx_7ia478Lhz3DFm7ussObvaOf_kqgTAW_6LxRKEIk_Y1J2hG8-SCMuTYEF7Xaew0ZBCyEkXA
date
Sat, 18 Jun 2022 04:31:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2439
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH05GGN4902M9QipIWPmrrc&google_cver=1&google_push=ARnp8GBZLGz2C8iKk7kdHn_WWWE6Y4xhDPCkowydY9drV4zR31dqgIAvsDeDd0-pEhcg9Y18xxRG4dZ0kIfeGbdeY...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH05GGN4902M9QipIWPmrrc&google_cver=1&google_push=ARnp8GBZLGz2C8iKk7kdHn_WWWE6Y4xhDPCkowydY9drV4zR31dqgIAvsDeDd0-pEhcg9Y18xxRG4dZ0kIfeGbdeY...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBZLGz2C8iKk7kdHn_WWWE6Y4xhDPCkowydY9drV4zR31dqgIAvsDeDd0-pEhcg9Y18xxRG4dZ0kIfeGbdeYVRnMYmil3tQ&google_hm=E1FvtGZHUTeVMf9ZQ7WVCk8S
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBZLGz2C8iKk7kdHn_WWWE6Y4xhDPCkowydY9drV4zR31dqgIAvsDeDd0-pEhcg9Y18xxRG4dZ0kIfeGbdeYVRnMYmil3tQ&google_hm=E1FvtGZHUTeVMf9ZQ7WVCk8S
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 18 Jun 2022 04:31:54 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBZLGz2C8iKk7kdHn_WWWE6Y4xhDPCkowydY9drV4zR31dqgIAvsDeDd0-pEhcg9Y18xxRG4dZ0kIfeGbdeYVRnMYmil3tQ&google_hm=E1FvtGZHUTeVMf9ZQ7WVCk8S
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 2439
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHicY41B7OZBw0pOYM8BPks&google_cver=1&google_push=ARnp8GAwToD7GbJJ8KhzRuTgArBRazF2LW-8w2jmrKwjl8mBqkMFJqnj9elaVFZWQKL1dtaCE5...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHicY41B7OZBw0pOYM8BPks&google_cver=1&google_push=ARnp8GAwToD7GbJJ8KhzRuTgArBRazF2LW-8w2jmrKwjl8mBqkMFJqnj9elaVFZWQKL1dtaCE5...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WVThZbFJKRTJ1RXVDZWRMWHlkOUI4TWZseTJWeU55RH5B&google_push=ARnp8GAwToD7GbJJ8KhzRuTgArBRazF2LW-8w2jmrKwjl8mBqkMFJqnj9...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WVThZbFJKRTJ1RXVDZWRMWHlkOUI4TWZseTJWeU55RH5B&google_push=ARnp8GAwToD7GbJJ8KhzRuTgArBRazF2LW-8w2jmrKwjl8mBqkMFJqnj9elaVFZWQKL1dtaCE5TDyqBaNyUJuiyqLeuhztn3mjCb1Q
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1WVThZbFJKRTJ1RXVDZWRMWHlkOUI4TWZseTJWeU55RH5B&google_push=ARnp8GAwToD7GbJJ8KhzRuTgArBRazF2LW-8w2jmrKwjl8mBqkMFJqnj9elaVFZWQKL1dtaCE5TDyqBaNyUJuiyqLeuhztn3mjCb1Q
date
Sat, 18 Jun 2022 04:31:54 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dot.gif
s0.2mdn.net/ Frame 2439
43 B
65 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEBEomKbKk9cnXxm4l4B_ZX0&google_cver=1&google_push=ARnp8GAlzTYE6a2iJXI9bd3D0PoDxOstVClOCdZKV0WbZGhFBVTz8bfHHD7_P09cMi6UqoskEmk9hTlPaIg03Gr2CKuku24MJXJ-YQ
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Jun 2022 04:31:54 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2439
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J_YWLCHXtCZ0izK_ZqALVDEGGrP6BhsSDUHieI8l7CX3fYdJZGsYhFLMFgflPEOQ8Im81GVwU
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
google2waycm.netmng.com/cm/ Frame 1C39
0
0

pixel
cm.g.doubleclick.net/ Frame 1C39
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKg2H4ur-aFeSt79UvdBpzU&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKg2H4ur-aFeSt79UvdBpzU&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTBITU9DMEsxTzJxN001&google_gid=CAESEKg2H4ur-aFeSt79UvdBpzU&google_cver=1&google_push=ARnp8GDI9A8ijN6_IMC7Q40m9q-lcEmoKQ5Gp0b9MgUN7NA...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTBITU9DMEsxTzJxN001&google_gid=CAESEKg2H4ur-aFeSt79UvdBpzU&google_cver=1&google_push=ARnp8GDI9A8ijN6_IMC7Q40m9q-lcEmoKQ5Gp0b9MgUN7NAEhVdT-bbp1Fr_0wSdWhAkRJbSykXdYPKfLKEDT1X9CYFAJoMDwMY
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-01a8ecf39dae7e86b@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QTBITU9DMEsxTzJxN001&google_gid=CAESEKg2H4ur-aFeSt79UvdBpzU&google_cver=1&google_push=ARnp8GDI9A8ijN6_IMC7Q40m9q-lcEmoKQ5Gp0b9MgUN7NAEhVdT-bbp1Fr_0wSdWhAkRJbSykXdYPKfLKEDT1X9CYFAJoMDwMY
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1C39
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIzRcTBgw0Zc4E2sLoi9g5c&google_cver=1&google_push=ARnp8GDhA0bWp2LP8WMU-mor1VDGR1CI7uihPv1RYqUMGogkYc8pemxOzgCpxWZYufnKPyeP71XJKov8FRzcivtt...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=P01irVU4RwCJ6bnwxZzKYw&google_push=ARnp8GDhA0bWp2LP8WMU-mor1VDGR1CI7uihPv1RYqUMGogkYc8pemxOzgCpxWZYufnKPyeP71XJKov8FRzcivttFsaRw3IM-g
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=P01irVU4RwCJ6bnwxZzKYw&google_push=ARnp8GDhA0bWp2LP8WMU-mor1VDGR1CI7uihPv1RYqUMGogkYc8pemxOzgCpxWZYufnKPyeP71XJKov8FRzcivttFsaRw3IM-g
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
MT3 4447 e18e916 master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=P01irVU4RwCJ6bnwxZzKYw&google_push=ARnp8GDhA0bWp2LP8WMU-mor1VDGR1CI7uihPv1RYqUMGogkYc8pemxOzgCpxWZYufnKPyeP71XJKov8FRzcivttFsaRw3IM-g
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 18 Jun 2022 04:31:53 GMT
pixel
cm.g.doubleclick.net/ Frame 1C39
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGwF-Eju3XVNsBNI_4YYp-s&google_cver=1&google_push=ARnp8GBPpwC56yMyEMDHRvebT_KkIoBvtFBHwOwdty77S7Toq4czY_CWgUnnXF4lJayZ4oN3Ln52l3j9JPJImCmZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=j668rMEzR92t6CQHXhG81A2&google_push=ARnp8GBPpwC56yMyEMDHRvebT_KkIoBvtFBHwOwdty77S7Toq4czY_CWgUnnXF4lJayZ4oN3Ln52l3j9JPJImCmZBfwX34qlPKg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=j668rMEzR92t6CQHXhG81A2&google_push=ARnp8GBPpwC56yMyEMDHRvebT_KkIoBvtFBHwOwdty77S7Toq4czY_CWgUnnXF4lJayZ4oN3Ln52l3j9JPJImCmZBfwX34qlPKg
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Jun 2022 04:31:54 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=j668rMEzR92t6CQHXhG81A2&google_push=ARnp8GBPpwC56yMyEMDHRvebT_KkIoBvtFBHwOwdty77S7Toq4czY_CWgUnnXF4lJayZ4oN3Ln52l3j9JPJImCmZBfwX34qlPKg
x-host
tde-deliveryengine-production-d59578b4c-vfspr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1C39
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED5K8MJnVu8EWlVnxb13FEE&google_cver=1&google_push=ARnp8GAClQ0nDLYhbxNeDqD0IvapU4y0eUCvB9HeYtj6dgi6pRZF1Vnl-VUjEhG2Mx4yNeQugaO...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRFYwNVEtUy1KWk9P&google_push=ARnp8GAClQ0nDLYhbxNeDqD0IvapU4y0eUCvB9HeYtj6dgi6pRZF1Vnl-VUjEhG2Mx4yNeQugaOnvzZge8u3Wv6eP18T8pI5tw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRFYwNVEtUy1KWk9P&google_push=ARnp8GAClQ0nDLYhbxNeDqD0IvapU4y0eUCvB9HeYtj6dgi6pRZF1Vnl-VUjEhG2Mx4yNeQugaOnvzZge8u3Wv6eP18T8pI5tw
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRFYwNVEtUy1KWk9P&google_push=ARnp8GAClQ0nDLYhbxNeDqD0IvapU4y0eUCvB9HeYtj6dgi6pRZF1Vnl-VUjEhG2Mx4yNeQugaOnvzZge8u3Wv6eP18T8pI5tw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1C39
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMdooxDTPd6CGtrpmuNm3VI&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMdooxDTPd6CGtrpmuNm3VI&google_push=AR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1VOnNuJCwa4KxrdOmFdwAAAp8AAAAB&google_gid=CAESEMdooxDTPd6CGtrpmuNm3VI&google_push=ARnp8GBQdDtF1x7p_kRv2apmih3hMFN_hdo1BGbuGmjybPM8xCb...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1VOnNuJCwa4KxrdOmFdwAAAp8AAAAB&google_gid=CAESEMdooxDTPd6CGtrpmuNm3VI&google_push=ARnp8GBQdDtF1x7p_kRv2apmih3hMFN_hdo1BGbuGmjybPM8xCbpDhvbr2S5mTfL9Edtg7FkVCA9BqVxSVnTkN1_U0E6oxz2xTY&google_cver=1
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 04:31:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1VOnNuJCwa4KxrdOmFdwAAAp8AAAAB&google_gid=CAESEMdooxDTPd6CGtrpmuNm3VI&google_push=ARnp8GBQdDtF1x7p_kRv2apmih3hMFN_hdo1BGbuGmjybPM8xCbpDhvbr2S5mTfL9Edtg7FkVCA9BqVxSVnTkN1_U0E6oxz2xTY&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Sat, 18 Jun 2022 04:31:54 GMT
pixel
cm.g.doubleclick.net/ Frame 1C39
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ARnp8GDtig-65qHLz_hmXreK3vofL2PXr08N5Is94coM4a8mmtKOT4_qFEKi6xrOHQudk5YAintSgDM8ugVFgmmkDSl9LlABCTM&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-601a4669-80f4-4065-8603-713fdfecf478-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DARnp8GDtig-65qHLz_hmXreK3...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GDtig-65qHLz_hmXreK3vofL2PXr08N5Is94coM4a8mmtKOT4_qFEKi6xrOHQudk5YAintSgDM8ugVFgmmkDSl9LlABCTM&google_hm=A2AaRmmA9EBlhgNxP9_s9Hg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GDtig-65qHLz_hmXreK3vofL2PXr08N5Is94coM4a8mmtKOT4_qFEKi6xrOHQudk5YAintSgDM8ugVFgmmkDSl9LlABCTM&google_hm=A2AaRmmA9EBlhgNxP9_s9Hg
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GDtig-65qHLz_hmXreK3vofL2PXr08N5Is94coM4a8mmtKOT4_qFEKi6xrOHQudk5YAintSgDM8ugVFgmmkDSl9LlABCTM&google_hm=A2AaRmmA9EBlhgNxP9_s9Hg
date
Sat, 18 Jun 2022 04:31:54 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX601a466980f440658603713fdfecf478003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 1C39
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuA2qgqZ2XUyawV6GYcNntX7rR1mnMfERFapo_GyQU_gDGXWMzKbKYKyr-4G3wt250n_0K
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame E22F
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
index.html
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
29 KB
4 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2200fb773bcc45a03b92e6164c3187f5b1e7b970868c245525f7a7aa3cf6f701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:54 GMT
expires
Sun, 18 Jun 2023 04:31:54 GMT
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1A2E
0
27 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuV1J7zypAIN1QRdCVMDLv1zvfvODKeprM4QAep-4net7GYOyGJVK82q4NyyLIgSyR36FBSaG36wm_UVD5g4Pi8hi7P6N2bThzhtsxP2aYB8-v04h071GNQgd_xbTlu3VDG7wS6Mw-QyMDYT7qQsDa8x6fp_mB5KjcCWw03d44QGbpPm2zxM0uSerbyNUg52d_a6KPZssZYDXFQIE_KlnQu5w4AvMqOtPNyhdVuvQAyjhvgj9mcavJ2urkoefWq19xULGZAoL_20lmMT1Mceu8285iYwsQOyz5CXk9hxyrnx3U9VhPlNdDphwnQn63QGEwcKdKBQv4QNgXqW1ZPNIUTsVovSFw3cSkTxpAigZcsVAFNgkURs9oKFgNOjNxJ9vhfveST_ZG3eVb_A3ko0iTAairfxhcInRuf_vi_i0GGWHifPCK0KK4ca4rXhloR-XC9OaZFT-FAKQ5PR-PlRGkYHsjTsh4HMgO6gNRfnuwnV_xxpvl91MtD_VxTVwcXyE-87kuxuGt-ThYbR4EsjXfw_f11Erx1XwyGkm_cuNUUsMwZXNiUM8AXCxkIajTXMVUIcHmKF4nWo2PBxStA3FpHL1CAJyq1C8Zlc6vaEt2Kqhag57KBbh2yIckP4JZsSubCKf6fBryitiJ7xOGyT-R_VizfkHO1CxaT_Fh8v_IuvNsLbTAwqczNausfdAzrOJpA3HJ5iwTmFJuPRUOk7gbs9G6HyQYGRdd6t5_9KQFUQbLrQeF7cFT_RlgTz1HO-jmJQ42_p1alUawHFRrgRK3WGFQRptz7pxv1zbHxdWmSLKamz0rfZtrmFerZd6sUzhL2lLJxgBOoLadwBzMc5crkiZRQQcshX5d3X6ZJ5Z5otsZfA51vUJD6I_SR8X2pCYpyvhQx728YBWIxPgFLcg-CzDwcuhPCIlkQdT-rbNhVR4iqtR_Mxo0xLRApYFUEzMs2YgjKN1HjGMjzDbbCiFlkqsbJKFhRatQ0Hje3YtmVJyMKmXlYdCcGQ86zvLHYCkg41oJbF2SPQFb7nPNSavVn9ylO2naL8R3pZ03jvHCjxs35pGlwD0iILIaS_cyMXmoUb9xIjANFhlVSY8iBTE8yL5F_2TzeYvpEBmOX3XHfrst4V6AyCt-GLHYKjyWta7bU3EVT8K9MxHvpc6MaQRBbCBVNwibvsMlMFOpLhHiwhABWBp572XHKcen5u-u2V67F6fA6maaypiidmp3rc7LTZ7TsdFUdq-IXvVdJIpBPKoZbtdNyKXg7yivFU6tBydFQ3QoJKN33G8lBT-hI-kGE-kqiYGEfcXDU8cb56zaj&sai=AMfl-YSF4pPilZWp-xEFfTGbDsNYycgu4dVF1g9AjWAwDU3zvHxd6KmqcCG23kyyERDeawfCm6OyKzefJKFvcyofvMb9p-dBGlUc8CMGq3tqwe896PfAFz0h3zgz5UcvAkrGqBkyIEcocfoZXjfTpMVqAeMIu6mwilsepB-_sKf_4C0m70rV8cYSPfauBDF6PJSSooFVJiih02hdkkTefhMkkGfS&sig=Cg0ArKJSzEKCmX2UiymaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&cbvp=1&cstd=285&cisv=r20220615.83696&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 18 Jun 2022 04:31:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
analytics
tag.yieldoptimizer.com/ps/ Frame 1A2E
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120264&
  • https://tag.yieldoptimizer.com/ps/analytics?tc=576356007&pxid=120264&
43 B
65 B
Image
General
Full URL
https://tag.yieldoptimizer.com/ps/analytics?tc=576356007&pxid=120264&
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/analytics?tc=576356007&pxid=120264&
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics
tag.yieldoptimizer.com/ps/ Frame 1A2E
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120265&
  • https://tag.yieldoptimizer.com/ps/analytics?tc=836210025&pxid=120265&
43 B
65 B
Image
General
Full URL
https://tag.yieldoptimizer.com/ps/analytics?tc=836210025&pxid=120265&
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/analytics?tc=836210025&pxid=120265&
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
src=10568357;dc_pre=CPfV4M2VtvgCFYaNmgoda0wANA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1846322437
adservice.google.com/ddm/fls/z/ Frame 1A2E
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=10568357;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1846322437
  • https://ad.doubleclick.net/ddm/activity/src=10568357;dc_pre=CPfV4M2VtvgCFYaNmgoda0wANA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1...
  • https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CPfV4M2VtvgCFYaNmgoda0wANA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=18...
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CPfV4M2VtvgCFYaNmgoda0wANA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1846322437
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CPfV4M2VtvgCFYaNmgoda0wANA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1846322437
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
29 KB
4 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2200fb773bcc45a03b92e6164c3187f5b1e7b970868c245525f7a7aa3cf6f701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:54 GMT
expires
Sun, 18 Jun 2023 04:31:54 GMT
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 94E5
0
27 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqfl_fL6srazwGgFsWG188HUvCPIkuS24MjFhL_QRGDvhDCstRSxRu9asK3jXiv2aw8UzjitNjEGMQxGQ53a8nkCFy0oVgCGaQojz98JZF5bUZ-iKjWvm_sLQm4cCtqKLKNoC-E7u9cnJfNLOBJ6255tek3tkh8lT4R4JhcQ7-l5pmligIMvFKcYt_agIkwBrCW-7Rhy9056IdFZ10sY7xXpORN8zpZYDmpPorbFPlXuIg8zVJzZDbf5rNBZek4TpJ0BlyZH-wAfsgUKI0uCgGpNK3dNjoGQA09vtqS5JwwB2C4AdBfzpq4dBa0Pt2RKkVMefDnzuc8opuCodHUzkZRSHWeKUPyM9PorqdPbV_UxrvPYWs_40e-EPd-SL80F6rQChuR02mc7Gkw6rPQb3J2OOvodCuuwVrbySQendmd3RqQqm06oXVI2voYQcM9AtgEyE3XMYuqeMZ2YRgHTyrcCs7qHqHzDhBtPthVBmBtT6Bi0BWV1KgtyEcB979SuNMfpfM9H3MgSO-jiMBIW8rdg05QsehkMbjAk2umQDuhxcfYUFjm6Q6sMhc9SuuTh4K5DLg0B3Wg6KtpUEV0Nx9k_EowWko_PKamESgcOs2m4ZqxPPyKqM-ZdFJPTODJkOrmBSmcZ2ZUAfNGLse4lZPPy0cO0p6tOj-vxkJQUAylycnmo2Zj5bt5GgNB2OXdAtJWXSCF8I2eDIa3i25MQOnJP3qqDhNXEpx3B1PUQJdUovLeIgp9Ml3KmLuE8ofoAnV1QQWbgOMbjmcDfI15zVtFQzmE342glhz7Re70FKu1Bi5QbzLBFVJnXnj9dhiF5G61A3dxguWU9c3Vtj_h2x-p2xFxtyuyn27OU5_xboqchQSuzWIbt6KksiT2SbtHOHfzWKY_5ZseP7YaT9TRJJjCNj7XKXp_rubMiLDhWThhjfipOdpGVgW7Q9nd19G-KSpWayFr72BUNGdnacD-GZdXW7XxSjOZJBm1llpXzH2LMOUZQboY14Cx3ws_8CxDLulW-rMAIgKlD4629_ZykceEXlV5R3gcFhnhk7lQmXBU1Yag7gi8eaOq3UOfuTA_gqSkm2ItU26qhWsqtUm9VbXcLmv9x0i8phiXfQl-g8r8Gii9IzoDP9TYYXhx2l7BOJFfy0qboGarp722sadOlNki4j1qnnmboRy8cuKdndgSPDNeK4nPgWDFQ2rqY6R6ZY3DEsE5jFrai-6Q9QSB6tftTq46akUUwf3kP0nk73ynTFC1rKnTY7TxPiapbA3Yuecnkqwrqm201_pTYt8nbxAfsE&sai=AMfl-YQk3qMv6qubcY8A4Kv-x7Q_Txdq_DGieXHL6M2M7ZEWNQw2PoLGszWlb1AIDl6Dr-E9LYcem5hbDAhzdJ7iKhfXGnqyA8uu0NlmeEBW-QUEE81fHAfsk5se5qnqlE9VFF3LzX6R406b9GX8wCr_LUhHiMUcL3MRvnIokmRZGcSYH7z1zdk3BDOuiPMr2dAIx9pKyETUbrXJOf0pu-YbP-dN&sig=Cg0ArKJSzMMGNOGzmNJxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=285&cbvp=1&cstd=282&cisv=r20220615.70622&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 18 Jun 2022 04:31:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
analytics
tag.yieldoptimizer.com/ps/ Frame 94E5
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120264&
  • https://tag.yieldoptimizer.com/ps/analytics?tc=337339905&pxid=120264&
43 B
65 B
Image
General
Full URL
https://tag.yieldoptimizer.com/ps/analytics?tc=337339905&pxid=120264&
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/analytics?tc=337339905&pxid=120264&
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics
tag.yieldoptimizer.com/ps/ Frame 94E5
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120265&
  • https://tag.yieldoptimizer.com/ps/analytics?tc=317798839&pxid=120265&
43 B
65 B
Image
General
Full URL
https://tag.yieldoptimizer.com/ps/analytics?tc=317798839&pxid=120265&
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/analytics?tc=317798839&pxid=120265&
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
src=10568357;dc_pre=CIvX4M2VtvgCFVTzmgod7iICDA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1405950402
adservice.google.com/ddm/fls/z/ Frame 94E5
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=10568357;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1405950402
  • https://ad.doubleclick.net/ddm/activity/src=10568357;dc_pre=CIvX4M2VtvgCFVTzmgod7iICDA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1...
  • https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CIvX4M2VtvgCFVTzmgod7iICDA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=14...
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CIvX4M2VtvgCFVTzmgod7iICDA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1405950402
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CIvX4M2VtvgCFVTzmgod7iICDA;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1405950402
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
29 KB
4 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2200fb773bcc45a03b92e6164c3187f5b1e7b970868c245525f7a7aa3cf6f701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:31:54 GMT
expires
Sun, 18 Jun 2023 04:31:54 GMT
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BECE
0
27 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyrAGe5NWHe5WBoGxZMo_UY7M-QDO9slt30QU8zb3rSQEeUcAiRSekKk29JIBIHHLuF5l9UCI-TvP5sbtMs6c0e4xyaL3owaVrkUqdxhGQfDk5FvuVw7K3h4uFmk6n800HauiMOo44ZRy239eT1zn_Mq53N41Fo9u0X-hRESYeK91CNihwUsVP5LZt7SZDniBvie8pnrY5aYqh4t_v6wa1tpBoUQABvbefabAzJxoinLU2F0ico6KTkh5colcz9Qdt1eNrjh6phU519YYsejhH16h6PuBxuukoXU3H4oriShK_wWEaB6nviy5ZQOSuF7qzsHDwD39fx3PeYJQ15lKxGjhI36qAfsgQysrn1xu8277oxZzGNwcyJFxTOXUP6X2C5EVwWopEK1JBnVDQhTyon01az9TBncDEYZwv5caJ3MSX1pQKfitqGIZc_bEAnL8adjUoMF08VMiG5XtJaZohvPgvTMTrccISSgdBLTcIECK1xF0nJWqzvTaPGuUJMS8BpNaxNggORncxwDGB5aPz6UyCcoXsvxXKJZl032Ez3Sjx_lx8ZWB4adoF8L3xD8Rzi2EC_CZmiqLXnXmuJNJbcp_OGAbW5XeQfqvkhWVnrFOySIUc0Ipk-AoVSTuyoyvdJioBfBcOhE8pxO-Gi2IYyYUmaZ4zz0NeFXJSlqPLkZCtLlNE_2AZnjinUDNRL9RXvvpRoNA3ELxvb96z_z7iMApPz7Sh0vyJCptSR57KA_TAQzHZ1lEDXwOxbBTy9TRqGXSgZqhE9_m1SgORBZonWq3IaKCo0O8cX23gfjDdFUZojqrmaU4RM57Snhtm-y8aT09JncCBqehmyn3Wwt0Srpi7iHttPxS-18Ji_Hwvdf2eIHf1mHOrALZ30FHOK1GsbFuF9BemAju69Rvoji1oyNfUQCmWg6zdLn0Hsp-t-63-TyBI47EJuie_YSyduwo1wrCUUmQCcSwgPDu8ZP7oD6MykcfkF1oUkP6EUQQ76St8t9YgSHGcL0-6qdgMgf-bzwEnmQ3YjH23zn3DLA-ts4SguyHy9gzeLAnqxJLobHWbvAa3Do7TpGfqGvUcZGfgoeSZQeGXIcB54GovV-RvaUVRXO4arift5G7-5zMKCihRseKwbzNaWRmTW7ErBX2M7QYhXSZpb70qj_9Ve5WnrH0ZICzGsOczftrf7GKhmJMZAUXb1QYeRNflJgW1nJTWiKkt19CweGcyYMwJ6w7CSYHF2jYC5Q23GWtL9VxY50-2qQugOcv7AE5OO5Ml5Gkmk1tDobK8OOETlKRb1uVc1CFwrJxUbu_8EHygpQ&sai=AMfl-YT_UqZgKGPU-SFAcynXsJmqHu2yMHfYc_oOkoC_VakKENCn3zQ_fKXhfaj6Deb_7bfIsBL47KB7x3vZf56RWX5QB5nguUylujsVfT39WuyYaeN-5sYBNawPFzrnFwAV7_UUeiF5FcnMCZpXh_zlxI6oyrBd6heSQD9LfGdbdRqG82nUsPfadEP7W6oVgIUhCUOmvLCKoouiBuZzakcyKueB&sig=Cg0ArKJSzHFoBBUUbv1QEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=284&cbvp=1&cstd=282&cisv=r20220615.35593&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 18 Jun 2022 04:31:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
analytics
tag.yieldoptimizer.com/ps/ Frame BECE
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120264&
  • https://tag.yieldoptimizer.com/ps/analytics?tc=224483398&pxid=120264&
43 B
65 B
Image
General
Full URL
https://tag.yieldoptimizer.com/ps/analytics?tc=224483398&pxid=120264&
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/analytics?tc=224483398&pxid=120264&
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics
tag.yieldoptimizer.com/ps/ Frame BECE
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120265&
  • https://tag.yieldoptimizer.com/ps/analytics?tc=400165828&pxid=120265&
43 B
66 B
Image
General
Full URL
https://tag.yieldoptimizer.com/ps/analytics?tc=400165828&pxid=120265&
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
60.212.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/analytics?tc=400165828&pxid=120265&
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
src=10568357;dc_pre=CMXa4M2VtvgCFY_WmgodOBsKHw;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1329071475
adservice.google.com/ddm/fls/z/ Frame BECE
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=10568357;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1329071475
  • https://ad.doubleclick.net/ddm/activity/src=10568357;dc_pre=CMXa4M2VtvgCFY_WmgodOBsKHw;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1...
  • https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CMXa4M2VtvgCFY_WmgodOBsKHw;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=13...
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CMXa4M2VtvgCFY_WmgodOBsKHw;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1329071475
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=10568357;dc_pre=CMXa4M2VtvgCFY_WmgodOBsKHw;type=sq_tn0;cat=singa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1329071475
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame DDCD
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
c
c.idealmedia.io/
43 B
162 B
Image
General
Full URL
https://c.idealmedia.io/c?f=1&pv=3&v=300|250|12|hrSdNNNJBAsT7F8RPZ1AFp48GcyF32B3wLvc4h_VFlig17g9_1zCtO8JeW-x2Nme&fw=1&extjs=66044&cid=1296171&h2=qfhc2xK2KoQKzoip0ATWKkRgECLkbhqjWY10mOTk7KU*&rid=93de1224-eebf-11ec-bf1e-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=1817514e5ad96db5d2c&cbuster=1655526714215629736261
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
c500a8a5-aef1-4c73-a3f0-710e0ce65a59
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
71d14c4bf92b35bf-MAN
content-length
43
server
cloudflare
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame CD2C
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 9B41
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
55 B
103 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
731 B
263 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
24 B
72 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
157 B
144 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
281 B
187 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
googbase_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
400 B
304 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
20 KB
6 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
3 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
8 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame E699
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 11:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Jun 2022 11:41:25 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
13 KB
4 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
3 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwd-events-support.1.0.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
2 KB
716 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwd-events-support.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
687
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame E699
5 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=bWAT2GR3Xc&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
55 B
103 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
731 B
263 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
24 B
72 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
157 B
144 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
281 B
187 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
googbase_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
400 B
304 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
20 KB
6 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
3 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
8 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 09D1
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 11:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Jun 2022 11:41:25 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
13 KB
4 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
3 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwd-events-support.1.0.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
2 KB
716 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwd-events-support.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
687
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame 09D1
5 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=tsnQnPB1Zg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
55 B
103 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
731 B
263 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
24 B
72 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
157 B
144 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
281 B
187 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
googbase_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
400 B
304 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
20 KB
6 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
3 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
8 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame D9F1
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 11:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Jun 2022 11:41:25 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
13 KB
4 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
3 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwd-events-support.1.0.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
2 KB
716 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwd-events-support.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
687
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/8063116472561986134/ Frame D9F1
5 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8063116472561986134/index.html?e=69&leftOffset=0&topOffset=0&c=ZtbNi0O3nl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 15:07:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 10:56:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1A2E
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuV1J7zypAIN1QRdCVMDLv1zvfvODKeprM4QAep-4net7GYOyGJVK82q4NyyLIgSyR36FBSaG36wm_UVD5g4Pi8hi7P6N2bThzhtsxP2aYB8-v04h071GNQgd_xbTlu3VDG7wS6Mw-QyMDYT7qQsDa8x6fp_mB5KjcCWw03d44QGbpPm2zxM0uSerbyNUg52d_a6KPZssZYDXFQIE_KlnQu5w4AvMqOtPNyhdVuvQAyjhvgj9mcavJ2urkoefWq19xULGZAoL_20lmMT1Mceu8285iYwsQOyz5CXk9hxyrnx3U9VhPlNdDphwnQn63QGEwcKdKBQv4QNgXqW1ZPNIUTsVovSFw3cSkTxpAigZcsVAFNgkURs9oKFgNOjNxJ9vhfveST_ZG3eVb_A3ko0iTAairfxhcInRuf_vi_i0GGWHifPCK0KK4ca4rXhloR-XC9OaZFT-FAKQ5PR-PlRGkYHsjTsh4HMgO6gNRfnuwnV_xxpvl91MtD_VxTVwcXyE-87kuxuGt-ThYbR4EsjXfw_f11Erx1XwyGkm_cuNUUsMwZXNiUM8AXCxkIajTXMVUIcHmKF4nWo2PBxStA3FpHL1CAJyq1C8Zlc6vaEt2Kqhag57KBbh2yIckP4JZsSubCKf6fBryitiJ7xOGyT-R_VizfkHO1CxaT_Fh8v_IuvNsLbTAwqczNausfdAzrOJpA3HJ5iwTmFJuPRUOk7gbs9G6HyQYGRdd6t5_9KQFUQbLrQeF7cFT_RlgTz1HO-jmJQ42_p1alUawHFRrgRK3WGFQRptz7pxv1zbHxdWmSLKamz0rfZtrmFerZd6sUzhL2lLJxgBOoLadwBzMc5crkiZRQQcshX5d3X6ZJ5Z5otsZfA51vUJD6I_SR8X2pCYpyvhQx728YBWIxPgFLcg-CzDwcuhPCIlkQdT-rbNhVR4iqtR_Mxo0xLRApYFUEzMs2YgjKN1HjGMjzDbbCiFlkqsbJKFhRatQ0Hje3YtmVJyMKmXlYdCcGQ86zvLHYCkg41oJbF2SPQFb7nPNSavVn9ylO2naL8R3pZ03jvHCjxs35pGlwD0iILIaS_cyMXmoUb9xIjANFhlVSY8iBTE8yL5F_2TzeYvpEBmOX3XHfrst4V6AyCt-GLHYKjyWta7bU3EVT8K9MxHvpc6MaQRBbCBVNwibvsMlMFOpLhHiwhABWBp572XHKcen5u-u2V67F6fA6maaypiidmp3rc7LTZ7TsdFUdq-IXvVdJIpBPKoZbtdNyKXg7yivFU6tBydFQ3QoJKN33G8lBT-hI-kGE-kqiYGEfcXDU8cb56zaj&sai=AMfl-YSF4pPilZWp-xEFfTGbDsNYycgu4dVF1g9AjWAwDU3zvHxd6KmqcCG23kyyERDeawfCm6OyKzefJKFvcyofvMb9p-dBGlUc8CMGq3tqwe896PfAFz0h3zgz5UcvAkrGqBkyIEcocfoZXjfTpMVqAeMIu6mwilsepB-_sKf_4C0m70rV8cYSPfauBDF6PJSSooFVJiih02hdkkTefhMkkGfS&sig=Cg0ArKJSzEKCmX2UiymaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=672&vt=11&dtpt=382&dett=3&cstd=285&cisv=r20220615.83696&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame BECE
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyrAGe5NWHe5WBoGxZMo_UY7M-QDO9slt30QU8zb3rSQEeUcAiRSekKk29JIBIHHLuF5l9UCI-TvP5sbtMs6c0e4xyaL3owaVrkUqdxhGQfDk5FvuVw7K3h4uFmk6n800HauiMOo44ZRy239eT1zn_Mq53N41Fo9u0X-hRESYeK91CNihwUsVP5LZt7SZDniBvie8pnrY5aYqh4t_v6wa1tpBoUQABvbefabAzJxoinLU2F0ico6KTkh5colcz9Qdt1eNrjh6phU519YYsejhH16h6PuBxuukoXU3H4oriShK_wWEaB6nviy5ZQOSuF7qzsHDwD39fx3PeYJQ15lKxGjhI36qAfsgQysrn1xu8277oxZzGNwcyJFxTOXUP6X2C5EVwWopEK1JBnVDQhTyon01az9TBncDEYZwv5caJ3MSX1pQKfitqGIZc_bEAnL8adjUoMF08VMiG5XtJaZohvPgvTMTrccISSgdBLTcIECK1xF0nJWqzvTaPGuUJMS8BpNaxNggORncxwDGB5aPz6UyCcoXsvxXKJZl032Ez3Sjx_lx8ZWB4adoF8L3xD8Rzi2EC_CZmiqLXnXmuJNJbcp_OGAbW5XeQfqvkhWVnrFOySIUc0Ipk-AoVSTuyoyvdJioBfBcOhE8pxO-Gi2IYyYUmaZ4zz0NeFXJSlqPLkZCtLlNE_2AZnjinUDNRL9RXvvpRoNA3ELxvb96z_z7iMApPz7Sh0vyJCptSR57KA_TAQzHZ1lEDXwOxbBTy9TRqGXSgZqhE9_m1SgORBZonWq3IaKCo0O8cX23gfjDdFUZojqrmaU4RM57Snhtm-y8aT09JncCBqehmyn3Wwt0Srpi7iHttPxS-18Ji_Hwvdf2eIHf1mHOrALZ30FHOK1GsbFuF9BemAju69Rvoji1oyNfUQCmWg6zdLn0Hsp-t-63-TyBI47EJuie_YSyduwo1wrCUUmQCcSwgPDu8ZP7oD6MykcfkF1oUkP6EUQQ76St8t9YgSHGcL0-6qdgMgf-bzwEnmQ3YjH23zn3DLA-ts4SguyHy9gzeLAnqxJLobHWbvAa3Do7TpGfqGvUcZGfgoeSZQeGXIcB54GovV-RvaUVRXO4arift5G7-5zMKCihRseKwbzNaWRmTW7ErBX2M7QYhXSZpb70qj_9Ve5WnrH0ZICzGsOczftrf7GKhmJMZAUXb1QYeRNflJgW1nJTWiKkt19CweGcyYMwJ6w7CSYHF2jYC5Q23GWtL9VxY50-2qQugOcv7AE5OO5Ml5Gkmk1tDobK8OOETlKRb1uVc1CFwrJxUbu_8EHygpQ&sai=AMfl-YT_UqZgKGPU-SFAcynXsJmqHu2yMHfYc_oOkoC_VakKENCn3zQ_fKXhfaj6Deb_7bfIsBL47KB7x3vZf56RWX5QB5nguUylujsVfT39WuyYaeN-5sYBNawPFzrnFwAV7_UUeiF5FcnMCZpXh_zlxI6oyrBd6heSQD9LfGdbdRqG82nUsPfadEP7W6oVgIUhCUOmvLCKoouiBuZzakcyKueB&sig=Cg0ArKJSzHFoBBUUbv1QEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=639&vt=11&dtpt=355&dett=3&cstd=282&cisv=r20220615.35593&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 94E5
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqfl_fL6srazwGgFsWG188HUvCPIkuS24MjFhL_QRGDvhDCstRSxRu9asK3jXiv2aw8UzjitNjEGMQxGQ53a8nkCFy0oVgCGaQojz98JZF5bUZ-iKjWvm_sLQm4cCtqKLKNoC-E7u9cnJfNLOBJ6255tek3tkh8lT4R4JhcQ7-l5pmligIMvFKcYt_agIkwBrCW-7Rhy9056IdFZ10sY7xXpORN8zpZYDmpPorbFPlXuIg8zVJzZDbf5rNBZek4TpJ0BlyZH-wAfsgUKI0uCgGpNK3dNjoGQA09vtqS5JwwB2C4AdBfzpq4dBa0Pt2RKkVMefDnzuc8opuCodHUzkZRSHWeKUPyM9PorqdPbV_UxrvPYWs_40e-EPd-SL80F6rQChuR02mc7Gkw6rPQb3J2OOvodCuuwVrbySQendmd3RqQqm06oXVI2voYQcM9AtgEyE3XMYuqeMZ2YRgHTyrcCs7qHqHzDhBtPthVBmBtT6Bi0BWV1KgtyEcB979SuNMfpfM9H3MgSO-jiMBIW8rdg05QsehkMbjAk2umQDuhxcfYUFjm6Q6sMhc9SuuTh4K5DLg0B3Wg6KtpUEV0Nx9k_EowWko_PKamESgcOs2m4ZqxPPyKqM-ZdFJPTODJkOrmBSmcZ2ZUAfNGLse4lZPPy0cO0p6tOj-vxkJQUAylycnmo2Zj5bt5GgNB2OXdAtJWXSCF8I2eDIa3i25MQOnJP3qqDhNXEpx3B1PUQJdUovLeIgp9Ml3KmLuE8ofoAnV1QQWbgOMbjmcDfI15zVtFQzmE342glhz7Re70FKu1Bi5QbzLBFVJnXnj9dhiF5G61A3dxguWU9c3Vtj_h2x-p2xFxtyuyn27OU5_xboqchQSuzWIbt6KksiT2SbtHOHfzWKY_5ZseP7YaT9TRJJjCNj7XKXp_rubMiLDhWThhjfipOdpGVgW7Q9nd19G-KSpWayFr72BUNGdnacD-GZdXW7XxSjOZJBm1llpXzH2LMOUZQboY14Cx3ws_8CxDLulW-rMAIgKlD4629_ZykceEXlV5R3gcFhnhk7lQmXBU1Yag7gi8eaOq3UOfuTA_gqSkm2ItU26qhWsqtUm9VbXcLmv9x0i8phiXfQl-g8r8Gii9IzoDP9TYYXhx2l7BOJFfy0qboGarp722sadOlNki4j1qnnmboRy8cuKdndgSPDNeK4nPgWDFQ2rqY6R6ZY3DEsE5jFrai-6Q9QSB6tftTq46akUUwf3kP0nk73ynTFC1rKnTY7TxPiapbA3Yuecnkqwrqm201_pTYt8nbxAfsE&sai=AMfl-YQk3qMv6qubcY8A4Kv-x7Q_Txdq_DGieXHL6M2M7ZEWNQw2PoLGszWlb1AIDl6Dr-E9LYcem5hbDAhzdJ7iKhfXGnqyA8uu0NlmeEBW-QUEE81fHAfsk5se5qnqlE9VFF3LzX6R406b9GX8wCr_LUhHiMUcL3MRvnIokmRZGcSYH7z1zdk3BDOuiPMr2dAIx9pKyETUbrXJOf0pu-YbP-dN&sig=Cg0ArKJSzMMGNOGzmNJxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=658&vt=11&dtpt=373&dett=3&cstd=282&cisv=r20220615.70622&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame E22F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_Hl6OVWtYrjVLN2FlQeEuKagBQAAAAA4AeAEAg&bg=!OjmlOX3NAAbASn8N4Eo7ACkAdvg8Wnwn6dQY4SDeFdOsoX0mjVf3iZXZ07gaE4rDLKAwD52kMqQQ9QIAAAECUgAAAAFoAQcKAGF43R-icf7e3-3aXs3r2tMRzWoqmnLnoPd6GwpqTCvE-rQb5hK5QscmjlVBgHcfs-VQS872YMpmQw0ItaiCACx-TrV0oa9PZlICo8kZ5oh9oWEXlAiIsgMF9HYuWLdRbmsxmQLbhbtPUBccgKp5h17qAJ4BL4_8kVOyWOXNjSW9WpTJbT2_9bL8n0QK23HC8CWBlYtBaracjJtc988mXjeFnxjTX4btjRJiA5NAbq_IncTIyoaLKp5aXpPcYx3SHp3wk3fAmp8Y3TifQ5h5uX0Gd80PAAuj-KScsSDsuybh98-kYIrIDGYVXS1Web9qXSQWQU31e66V21hxpk3tm8v9XiD5LtgVYwSTfJSf-jtm2LfPzswfsQJIn2co87kz86EKljIcsNSZbIwTv8luLjlpBOFQCdyQ_iBoLOhlxmnPwpPgRwkhvStx5TiJ3xhEo9EuXPedNGLHIXKQQTNLVPAeR5O2hFplLQMGUDhB76zFjcld8iWrCOQxPy06kPWTz_0IwG3KanNpA43knv0oY56aEeqOr-SImP2VPEAOwa5PmvtpMDQWnEcr6tb5W8tED_axZOd2v2IiEztuQO9r31GpeI6aBhvyaQa6aY666Yp8_ZXoyOR8dl3gJa62b6aS6-6p8iUAe0jdppP1iya7GySDNsTUeZpQKcxwMe3IYidLGFpdDsKl9RSCsbXHFqMmFzBG1D_GmozUDhETfMAUj_ox_THcGiUTkwqn7MOzVIhltMyY4tjqbf3V-zTy-PacnBpelIOQ_b5Omxo8NGpufd8IOz_jdX2HTebwfd-_7_r-wGmPr--M5p4FcS-PN1BQpLyLFzIfwH5DCne8eOyswZseDO5ZBZENFYX11z9hsf01vX_1wTMeFFLm9mu3Pc8977x11v4rEpMejOGt3F4gbYJ9jsvgvu76PB6W-X9csTC3zsrJgWbA9lvEeVb4yAlPXNnEPOYcaRVGRMiDlWaOtILENWQfoX8FcVoD8c-7Eni2G5WlZVDjsbB0OSGquUwSljj0yeCt-WIfrlgUjlJHpaGTECcuPaEXs1WPJDsccKeoM5XXXhlJgHisExcB1c9dDRNkptTuSmD3ANQhavEmudM
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E699
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ca0e24866f6068cd875952cbb9d5b9e92fb9c648f299232fd045253f436fdb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5697
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D9F1
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba120d10bee74449a7ad13ea98a935146b60a0021264a25244ae5380f843d6a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5501
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 09D1
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6adba150b92b1c42336eb509d56a051bc2229046a0822fc77008f65749089830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 04:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5388
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 62D2
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQGrpbel1Vm75X2FpG9NA_yEc_GneLtW7-j2kKAKDT0D4gx5EV3OIwwBOxPO-0fjWWuf6jD6Tbou9jms99sTO-ARlCn4Q667ImEGgRz2YqZ_HvlwOvXPDgntUTdfs&sai=AMfl-YS5BsjudmWZFrIQbZ07UzE8vnWBLJFTMv56idBSKwVIh_WhSD-s8wg7Em__B8FJMUjFVmyCvsbiM1Sx&sig=Cg0ArKJSzOkif5yhNsm0EAE&id=lidar2&mcvt=1020&p=0,0,90,728&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1130233035&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655526712969&rpt=606&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD2C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5VNIOVWtYsrjLa2xlQe6u5uICgAAAAA4AeAEAg&bg=!jo2ljcnNAAbASn8N4Eo7ACkAdvg8WuNujoBSOfsgZ1jpe7qgp9w7GTR6O5z5B4bAUVSm_al-CZcUBQIAAAD9UgAAAAZoAQcKABsjLYjbNAW7n7OFdG5V-F-CMxDEmPiDI8h2ZnaZAtzXlX5CBdB76ZETDEVrj4UEKGaEUlFQQpbPXSQFJrDtnOiYnlRQBdru6ibfdZWIuVBzhALpETopzaQ5GHYjs5upyg9y_8CFv69q9h4Eiqfp0_UspA0ALzAjRokUL6CciqWcNNMGq6LyvgM2zGkeODNPCM8JzNCp7kJ2Qn0MpzMIOkwkGFzBWTniVYsEMM4SRiamfGXTozRx0KG_RMSN20pw9W3cDXGFTRJPySlOhMXykPJGWeWATzgdxO4MrqCvKvkte9-vRo9qmzxqrq8mCgJkUMZxUEvknxmIxzeKhCvcC4T8fXOoR3uO068Cete_xT-s4IkglIaGVV5Kl-nyTzZrHOwWJITOpK6Dal2LLnHEzjwspudxJl1f8cxB_ZVuItsueEI0zX8Pn6P8ONZK0vCBCRPpcoFcJDiIZ0adZMMpIOHytbXw9MHKm4bCy9DsVXH6mDLmWFEX1mTLcxJxIq0bN0wvBgw4SHUPBiZ5addcZqqVehCsYRjW9qOjDHLdttUILFwXMJ73b6yvTQbjZzNKXEU9AyJKwo1lLuqDWj7VrKRFNpy9-CC-wbhO0sWvBcb2CD7m-oGUekyYdyzcnxcxE1rLjB5byxzZgIIpRN4poKLv1TseH6CaFoBEo1jDrFQByB-sgfjQnix7OIYxNZMiGO9uz79Hh_HMsJ5CX8HKUEP6t6yaVYAQTQMZE3O_qVwzUUg0iL90ppPCvTVTV9YdWya-Gl-ifH1vm6cQmDgetxyLmgKfIUhIqUqW6aqN7pgzvxiA-d86Zp0QwOd4Kjf83g2U5lMOBzI_Lf-DBhfD09bLfkakW6meLrNpyxfUIa0GqW853XvTszKrXvUpfHGeIB_L53khUVfJ0m7EON3NnehiFODDdNnUSeKZILlogYjvmiKybBDTletXE5VwvGUHE7KasIDJWvMqw6ZeR_h7aidN33CGht-SwpeoPuHZL55dW4yXhd5GCe1udMM
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B41
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8PBGOVWtYu7NLZXQ7_UPp_2xaAAAAAA4AeAEAg&bg=!3N-l35vNAAbASn8N4Eo7ACkAdvg8WvctlgPzv33XhtRvRsBxg2N0RZr2b3bVcffRJtkxgdNYYP45AgIAAADyUgAAAAVoAQeZAuJhKihtesadPA5ucsL6flyWo1qf8MtXTBPlXVQ_2Xsxfl9baCtO44jRqhYcxpREByy4UlURPramVO3skkGcKNIWDDv8BXhVrIsUZc17IAvDOgblIWy86QhVwBa1dh_va6Oy965xv71iNs2l9W5IJu0WkX_tAaOj8bnno4CouB4Ws_Zkd_v2haqtrV8ub70EI8n2QFaATFdNUqOf0a32PaHLrjkyn8qFxCeYz2Am8BiHxnMdaEmCWTbp2U2zSy3Pn-TRscBO9XLqzZL02z6hUqkLdDpjjP5NeecpdFHRqmmHTkqg_LDgKq9DYylLOF1mSyKbR-MYi6s07VQFKhR-YrY9BCnZWGuMRoU73cUkhgKpc6c9Ke0kVm1c-M8wCvaTIm-3OvoBzc1tpSFh6Oo7T8MyhupCMF9ntVmTR5x60dHn7I0KT7acblLissEDVx-145WsNvGHJpjdPQO9TJgZ48XD38VECrwYsgJkfdBtJ0UDvnHMFqVIdkU8QoGt0H_3lonk-uIgzPlOLDWG-FKPqWMDRLwdnFeYhizcYjpKfTLbQbGUpTx54SzL4E8whF0VqjZH2NVRdHk705LdLevpgJ-EPAQ0s1IkjzrdmAXwe7-eQPHD3cu7tuoy8MaEapyodXBzYJFeMOYOP5SsJq9Crwh2dfq3M3BYIqvryr2WhXa59BnYOK3kBDqjKZeGJDIf8soDNnO3AA3F5ySpYaMLZM00c_izP8OSU91_u1fdpFWFHCfVpWO6xrPCfzp27AGH63Af78KGrt7g_PEEaEtkRanFML4VDx6AznqfOlbGirGd4Hq9e7P849pGuWVSGkEhCINUpsrg56ShlhUedSHWoPCFh6n3Cex-I-BlFuS-B3ToRwlBidriPvxr_355_rkEPCi_55HBCR-Yd5e70Rx83tixr9qUCv5bcMrc4OOt8nyWvc1kIz-1q1D8vrlHtxB512jv9oUCI6gM6bjTr13CdZa7RbI
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DDCD
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bc3M4OVWtYoiWLOzO7_UP9uO2kAUAAAAAOAHgBAI&bg=!AwClAETNAAbASn8N4Eo7ACkAdvg8WrlRcJF1hPU4W6CZRAdwbE9LWW2HtuVzVMdwJMW4MzDqJGc8dAIAAAESUgAAAAZoAQeZAuVGrefPrksgBZPwLV3NWLuJd_pO9jBSDohcNLPRYUbudQI8d1rmmhUWhfXfszr5v4eO1Pew7IEjC9bDYYcmonuQuCO4n4B8J8X2bYBLW0xaEyupBChv0suvqLExReNIPz2IG6jOLQyOrGy9_uekieWvF0-ogNa5LL0WVIvUl2qCvbHZjn600MEl-NFd6gjsqAPwHwGaYFWbqKmE8krYtmbl5Eseh3ZHkkk9xV3fZTMyr-Cow3YgBjzaDlzVSuhHfLoOzbI0pJfC5a194Ef450qXGPu35wkwd7Bk_wHVmgEDUogDFIvhsf94PaG53OZrZQ_vcFwddXOd4Cn3VBJgh7TYAT62GOVACW6PJ4fSG3QGBDQDgsXteZzSUsClY2qS-j68Q0KiHG3BY8-ea-OnqigD9WgykCZkEOW0X43Ibg113vMKVGIUhjxV3g94mq5RLDkqo7CymI3PDcMXvczeiWNtRPJ1DMlM_6hu2xm3txOhGMeqxu1zNnUF4bdAu24BwwWQ5FLDj5dfw_IHxDHKkrhCcnGMd7NUql67yM1gvZ8xO6TQ-9SH-5T_ToD-BHVznij6twN1M-1gmLuDMuvdqaw69ucN0OvRZ36xUfRDRReBXsTjXrfwRzeZRtMdM04vQVaQ5fN2kbbKmwZ5ID6sIjQP7CEAqk7EPvbRSYGmktYgp7GPhWB2G98VQLs91OjdQ7R6k2f7hPHE803LGYK53FsY3Ki5ZKDAIBaErwaPgAyVELfcZK-GpD8oIiAHGU22KHDJ4njNdqP0KwSHm-EouMAdJ0gUSIkmQglytePF8OtAHZUT_SXXYa9HjJhnvLx2NWxZpgVCJbiwBs0ATzT2UCmbxe10KiNyp_iBW_-1hOpBQvDB19tbBGfk4VmFBdXCkd93O_zxyqJxjIzwxRifmEIr0g5Lb8KjYFtfhuviR4KUzekDR9WBFuFwqKw7V7NCEIt3DVtgsDwT0b03oQ0iMtzGfGCfwDU
Requested by
Host: b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
URL: https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
300x250-rt-nz-cta3.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame D9F1
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-cta3.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7140a33c0ddec2c003bcf26040ce90ff17b23353218f42f92fc066e0f6c0f5c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 15:11:35 GMT
Server
AmazonS3
x-amz-request-id
R2G53SKD7H16F84N
ETag
"23766774e55bb8524dad4f9ecd656d5e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4702
x-amz-id-2
KFZ72TljJ2reyQzS1UV/KM4AqKzdOIKZimLSbz4DZvL1Fn8LtLsJHzVGdxL1zpj307J9Z8Cst3s=
300x250-rt-nz-logos3.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame D9F1
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logos3.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d06899b269c9296feff15c14091cbe41ceeb27986b38658689c301fe5b496c5b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:52:01 GMT
Server
AmazonS3
x-amz-request-id
R2G485CWAZVV8RH1
ETag
"b0ffd27df105ab6c4cdaa92028025da8"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5060
x-amz-id-2
i65OhUG8e0oU8z6WH5DMOSBo31HE1q0VBGDZyd4mYfvx83YkKnuRNKBSM5NaVUtvD3fQPdTewKc=
300x250-rt-nz-copy3-man.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame D9F1
48 KB
48 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-copy3-man.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0ea37b58e665da0a28a3f1b626d58071c68b4c0e1dd15ad96e431fb96bb31f2c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Mon, 13 Jun 2022 11:42:46 GMT
Server
AmazonS3
x-amz-request-id
R2G9YCNBEAWEFHXM
ETag
"13a5efe7bc226a385bb90f5406451867"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
48774
x-amz-id-2
5sSJf93wqoHbyu3D8cJbaoSWJoVhHJl0ryGPop8JhGCyc8uvOlZKwGponmmtYNfUziuKS3GCefs=
300x250-rt-nz-logos.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame D9F1
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logos.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fbb64b7006ed5b280286fe42ab7dbe6e39c921d035ea270589b0b2d38f651e4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:52:00 GMT
Server
AmazonS3
x-amz-request-id
R2GB6CG7E4S98D5M
ETag
"5c119c038e3fd1c30d13d1fc830cbb50"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5060
x-amz-id-2
aC7/t9NuoH6uNQO7b9XTXH6ydCdzRi6kRngPybw3LKWYqI9MgaQcQPrWRR7wedlxN0tEw/wsVIc=
300x250-rt-nz-logo-map2.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame D9F1
6 KB
6 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logo-map2.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
61400c7ba53dfde1a5a2378bc8dada27700cabd3fb66fb0960b05bdb1136284b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:52:00 GMT
Server
AmazonS3
x-amz-request-id
R2G1P9HXR9BSFF86
ETag
"350f831e9fbc4e3e4314c0411e6cbb42"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5887
x-amz-id-2
I09S2mZmiziWK+Xved7Is95+7dlINCdmiwA5PdHIGaqAUmHOaK4C/2LhrtN+BvjNaa+xFfXA2KQ=
300x250-rt-nz-copy2.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame D9F1
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-copy2.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c7b982a96f91fec880cb8e54fdd0202a22d13d03a5d0f8c017e202e7df592796

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:51:59 GMT
Server
AmazonS3
x-amz-request-id
R2G6QFJ2FZ86FTT4
ETag
"01212d41e3152c127d3cc450af6ec5ab"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5194
x-amz-id-2
SVZiyzFa+IXTFDg9rXctdeeDG9Uz5SUcO9pDTjCHju+wWQn5SafLD6NE+ZVtKer4GJO7hc6tV9U=
300x250-rt-nz-logo-map1.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame D9F1
6 KB
6 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logo-map1.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
92ef7983767f43928b18619785513e4891598aa413cb6b4a5052aa4baf235f2a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:52:00 GMT
Server
AmazonS3
x-amz-request-id
R2G0B4RZ1JVQTP2J
ETag
"cb52b2b0332278b2be9a905fafb2c5a6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5864
x-amz-id-2
bcwgoZYIQC4/GLDzR/AshfoccMbpI2ZV27LfGyTtqrx+dNDhWiiMpCOvNqtP/pVan2fM9qp/L+Y=
300x250-rt-nz-copy1.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame D9F1
4 KB
4 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-copy1.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8bcbe00b6b9f42c843eb6611419d85a2e18b43156f835ba71f4d32da834ac55a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:51:58 GMT
Server
AmazonS3
x-amz-request-id
R2GBRF2H91051XBN
ETag
"aae059134559b3a499f9a2a0bbb77689"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3849
x-amz-id-2
gTm8U3FzCenbSZXvjF/d2jkfrL2H4cNuceP54tlqzlhCItIisnSAG3kx4dbvOwnSjiJCEyip5tk=
300x250-rt-nz-bkg3.jpg
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame D9F1
95 KB
95 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-bkg3.jpg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
60df271eb7d8c2fe356ef15fc4a89ae224e1a9152ec383923c10ff173d588d86

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:51:58 GMT
Server
AmazonS3
x-amz-request-id
R2G5724YRAPSZWV5
ETag
"34a9d49f3285b97527d13ff2d76ea3ca"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
96897
x-amz-id-2
3KnLU83vV+P/jxdkT2P6DnjK106M/ieSxJCD6f27RE8IEUXa1pZetO5dm5YeBEYBHCSAdzadIvI=
300x250-rt-nz-bkg2.jpg
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame D9F1
49 KB
50 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-bkg2.jpg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7a23cd24f7c34763324ad1026cd79eab99b238f426eeaa7957ad7b0df91716d2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:51:57 GMT
Server
AmazonS3
x-amz-request-id
R2G3HFZFE9X00P4B
ETag
"e4f28e37cd8e71054cdea1841d37669f"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
50638
x-amz-id-2
/c8OkunjQUw7rkjKk8S7DRcndfC6qwfdWsq/oiyI4+nNTo9nNe2X3s7IIEEyAr0qwByuApLQY4A=
300x250-rt-nz-bkg1.jpg
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame D9F1
36 KB
37 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-bkg1.jpg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c3e6c67445eb85f7b3e938770dd205153bc38227ad51ca6c93d780ee642d74e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:51:57 GMT
Server
AmazonS3
x-amz-request-id
R2GE83RG1BQM0E2E
ETag
"1dbb3e0418a4c3a57f8330707a8a8f5a"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
37049
x-amz-id-2
9vQLsxKUAcmQaEsXXGyzepWWh24MvYXPvCXjc+d3yInyICbfLtFmoAeAvM0iKHjcy3p3fdp2/Z8=
300x250-rt-nz-cta3.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame 09D1
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-cta3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7140a33c0ddec2c003bcf26040ce90ff17b23353218f42f92fc066e0f6c0f5c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 15:11:35 GMT
Server
AmazonS3
x-amz-request-id
R2GA11QH8GAWQBZM
ETag
"23766774e55bb8524dad4f9ecd656d5e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4702
x-amz-id-2
8w11IlcRo+Uhj4DxxNvCGhbmZPRu6F5XeOsFAF1uxJEvFcT7OMS5aIRUVXP/NgYNYYGs7BP0Ktk=
300x250-rt-nz-logos3.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame 09D1
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logos3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d06899b269c9296feff15c14091cbe41ceeb27986b38658689c301fe5b496c5b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:52:01 GMT
Server
AmazonS3
x-amz-request-id
R2G8MBRAA4QDJ46B
ETag
"b0ffd27df105ab6c4cdaa92028025da8"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5060
x-amz-id-2
WgVFs/nLHbFLOXg61MjxV/fyeCpMFoDmePwXBcmBByJzPeRLwG/n5AUhfqzh8rM+DrsOObE0PYE=
300x250-rt-nz-copy3-man.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame 09D1
48 KB
48 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-copy3-man.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0ea37b58e665da0a28a3f1b626d58071c68b4c0e1dd15ad96e431fb96bb31f2c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Mon, 13 Jun 2022 11:42:46 GMT
Server
AmazonS3
x-amz-request-id
R2G4RP6BBDKZ5GMP
ETag
"13a5efe7bc226a385bb90f5406451867"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
48774
x-amz-id-2
mBDTkawzMQzzKQof3nwK10pbX102zqjK/4QiLj0fVa93Mk6N8VT9c+q09NONmJ5N/s2lcRE67lk=
300x250-rt-nz-logos.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame 09D1
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logos.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fbb64b7006ed5b280286fe42ab7dbe6e39c921d035ea270589b0b2d38f651e4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:52:00 GMT
Server
AmazonS3
x-amz-request-id
PT5WY68WCA5QGT0S
ETag
"5c119c038e3fd1c30d13d1fc830cbb50"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5060
x-amz-id-2
Rce3FCNZtg2AWjy3dCxLwTaA7cx1N+74A1lpJGxoo4A/8HNEJyCq9J1DaCC/cd1msGCyQfKxz4g=
300x250-rt-nz-logo-map2.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame 09D1
6 KB
6 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logo-map2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
61400c7ba53dfde1a5a2378bc8dada27700cabd3fb66fb0960b05bdb1136284b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:52:00 GMT
Server
AmazonS3
x-amz-request-id
PT5MPZKCDAZQMYN2
ETag
"350f831e9fbc4e3e4314c0411e6cbb42"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5887
x-amz-id-2
YFPFqNSc9yYlsh2RDvNealkcviL7f0KAMECr8jvbEsevtsVisT+A08Y7fEf/Tz3sF1jNqBy33Ms=
300x250-rt-nz-copy2.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame 09D1
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-copy2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c7b982a96f91fec880cb8e54fdd0202a22d13d03a5d0f8c017e202e7df592796

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:51:59 GMT
Server
AmazonS3
x-amz-request-id
PT5TPDP7BDZ6DV0J
ETag
"01212d41e3152c127d3cc450af6ec5ab"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5194
x-amz-id-2
VVzz/YoQt/K++NFtBmM+vQxiGeKSOv4XPVDmshYPT2LMW0wSYBre7nHk5oJB3UuheGQZXYjY1hM=
300x250-rt-nz-logo-map1.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame 09D1
6 KB
6 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logo-map1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
92ef7983767f43928b18619785513e4891598aa413cb6b4a5052aa4baf235f2a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:52:00 GMT
Server
AmazonS3
x-amz-request-id
PT5RK9CYEMFJXWKG
ETag
"cb52b2b0332278b2be9a905fafb2c5a6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5864
x-amz-id-2
fw++28WwbbLtcenr68vuIx3GTNeIcNRz0EsZRI3G/ixwuHNVP3dOZUf5mphF7cWEZHK3e2emR28=
300x250-rt-nz-copy1.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame 09D1
4 KB
4 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-copy1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8bcbe00b6b9f42c843eb6611419d85a2e18b43156f835ba71f4d32da834ac55a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:51:58 GMT
Server
AmazonS3
x-amz-request-id
PT5ZGTKQKX6F0224
ETag
"aae059134559b3a499f9a2a0bbb77689"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3849
x-amz-id-2
DeRUmqXAv8RZ2IetJtexGkf7rR2fbKPk2XPuZGX7eiEExPXnR21/2PevgH4hLC3Fek56LcJL4n0=
300x250-rt-nz-bkg3.jpg
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame 09D1
95 KB
95 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-bkg3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
60df271eb7d8c2fe356ef15fc4a89ae224e1a9152ec383923c10ff173d588d86

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:51:58 GMT
Server
AmazonS3
x-amz-request-id
PT5TYAM6H52HMSYS
ETag
"34a9d49f3285b97527d13ff2d76ea3ca"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
96897
x-amz-id-2
DQ15hoy8jsgyQSixSqJjirRpAeQqZboaxCxDYl4yBO35HXaz4p10zPTgdsgFFOQSlkmRx/2U0kY=
300x250-rt-nz-bkg2.jpg
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame 09D1
49 KB
50 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-bkg2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7a23cd24f7c34763324ad1026cd79eab99b238f426eeaa7957ad7b0df91716d2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:51:57 GMT
Server
AmazonS3
x-amz-request-id
PT5XZ5K1C9NBK5HJ
ETag
"e4f28e37cd8e71054cdea1841d37669f"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
50638
x-amz-id-2
s1RbAK9z9E2vc6sSqj/+3cQDx6WR7VVg7rcTrtN6msk/qHcSS9EugxoopV380/aMlu4Krpek854=
300x250-rt-nz-bkg1.jpg
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame 09D1
36 KB
37 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-bkg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c3e6c67445eb85f7b3e938770dd205153bc38227ad51ca6c93d780ee642d74e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:51:57 GMT
Server
AmazonS3
x-amz-request-id
PT5SKHG4DBVRRKP6
ETag
"1dbb3e0418a4c3a57f8330707a8a8f5a"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
37049
x-amz-id-2
bf7SQ6tIZPsLIOx1OHyrLz8q9zDPwS8ywi3CsQ3XBUA5D94wsgFz7Sy2Yx9PQ8GavzSdobDngLY=
300x250-rt-nz-cta3.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame E699
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-cta3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7140a33c0ddec2c003bcf26040ce90ff17b23353218f42f92fc066e0f6c0f5c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 15:11:35 GMT
Server
AmazonS3
x-amz-request-id
PT5GGE5D48ABT3NR
ETag
"23766774e55bb8524dad4f9ecd656d5e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4702
x-amz-id-2
nIaVfN62Y3VXmvwq9+DJucYiW15WlPW0uXFbJV45DJ0J88X3121fgXVjY3Ot++lJGESp6lrAa7Q=
300x250-rt-nz-logos3.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame E699
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logos3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d06899b269c9296feff15c14091cbe41ceeb27986b38658689c301fe5b496c5b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:52:01 GMT
Server
AmazonS3
x-amz-request-id
PT5MMGWCV3KH6KQ1
ETag
"b0ffd27df105ab6c4cdaa92028025da8"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5060
x-amz-id-2
Ry7g0QGWnHxBvvHbXGGNOeLEw3/IrqvRZxnIKxuVXjnirmntIoI5S9zU7vKF+ObY0x9hpaE51gM=
300x250-rt-nz-copy3-man.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame E699
48 KB
48 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-copy3-man.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0ea37b58e665da0a28a3f1b626d58071c68b4c0e1dd15ad96e431fb96bb31f2c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Mon, 13 Jun 2022 11:42:46 GMT
Server
AmazonS3
x-amz-request-id
PT5QQRRE7ZDW9QQP
ETag
"13a5efe7bc226a385bb90f5406451867"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
48774
x-amz-id-2
L7q/DFdDAnO8UqBdxXkUZuCf4WWiojePPUeB1EAqWFzEGR/p4UX7YAvMaV6t//CAYz2nr7c2pbc=
300x250-rt-nz-logos.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame E699
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logos.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fbb64b7006ed5b280286fe42ab7dbe6e39c921d035ea270589b0b2d38f651e4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:52:00 GMT
Server
AmazonS3
x-amz-request-id
PT5RKEZWT23DVNQ2
ETag
"5c119c038e3fd1c30d13d1fc830cbb50"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5060
x-amz-id-2
e7KV4l8JcTEttl1JS/SQ606SH9HfuawiL+uu0ytexTNlDje9+28gQr1RAC2LmROpjyTSML6iyGQ=
300x250-rt-nz-logo-map2.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame E699
6 KB
6 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logo-map2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
61400c7ba53dfde1a5a2378bc8dada27700cabd3fb66fb0960b05bdb1136284b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:52:00 GMT
Server
AmazonS3
x-amz-request-id
PT5MY89F1WCVBPF5
ETag
"350f831e9fbc4e3e4314c0411e6cbb42"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5887
x-amz-id-2
VMYBG28fMt3vLwwNveASLJFa+J0wT0tzOkk6TiR1/dw46QOQPLkSfffulFsmujMgJsDHni3IG5o=
300x250-rt-nz-copy2.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame E699
5 KB
5 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-copy2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c7b982a96f91fec880cb8e54fdd0202a22d13d03a5d0f8c017e202e7df592796

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:56 GMT
Last-Modified
Thu, 26 May 2022 14:51:59 GMT
Server
AmazonS3
x-amz-request-id
PT5J7M255ZAPXHYK
ETag
"01212d41e3152c127d3cc450af6ec5ab"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5194
x-amz-id-2
h6nuQ3W/W8z/1cLpMuFYToSunLNhTdPNbZPiX0wYm6mfuNDoxwy+sD1nA5rn5ZQuR13AovyK5Q0=
300x250-rt-nz-logo-map1.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame E699
6 KB
6 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-logo-map1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
92ef7983767f43928b18619785513e4891598aa413cb6b4a5052aa4baf235f2a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:52:00 GMT
Server
AmazonS3
x-amz-request-id
R2G4Z6HGAWMV8WMZ
ETag
"cb52b2b0332278b2be9a905fafb2c5a6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5864
x-amz-id-2
ECeODuAJ1HfrSe+geWWyPawlsDJvw56Mwo9rxLL8cvhVZeKCnX3c7lyNaRwXIC90ELvBEBviiMk=
300x250-rt-nz-copy1.png
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame E699
4 KB
4 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-copy1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8bcbe00b6b9f42c843eb6611419d85a2e18b43156f835ba71f4d32da834ac55a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:51:58 GMT
Server
AmazonS3
x-amz-request-id
R2GEKAFP8K29KG2Z
ETag
"aae059134559b3a499f9a2a0bbb77689"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3849
x-amz-id-2
SXYbpnHlMfB2SfbzUbgECa4FljK3fpr8eIFuv16AVd+tqkZcJLakhynkHoVMi7pDyNoNtA1C+iY=
300x250-rt-nz-bkg3.jpg
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame E699
95 KB
95 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-bkg3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
60df271eb7d8c2fe356ef15fc4a89ae224e1a9152ec383923c10ff173d588d86

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:51:58 GMT
Server
AmazonS3
x-amz-request-id
R2GAWT0MJP7A8V3V
ETag
"34a9d49f3285b97527d13ff2d76ea3ca"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
96897
x-amz-id-2
oBV4f4C+Up2IOHTb0MdiE7NYVjvTfXBjL2+6cCC8KukfOu7ZJLVqX7YYt2iOxD2c9Uw38uzgPTc=
300x250-rt-nz-bkg2.jpg
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame E699
49 KB
50 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-bkg2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7a23cd24f7c34763324ad1026cd79eab99b238f426eeaa7957ad7b0df91716d2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:51:57 GMT
Server
AmazonS3
x-amz-request-id
R2GBGCXQ7210ARNP
ETag
"e4f28e37cd8e71054cdea1841d37669f"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
50638
x-amz-id-2
a66fD3m/n3eDH7Zwv/8mVa6q6OHujZpRCg4PAR1W0z1eiGBdF/4w0USkgVjFbEK0xrFsEFahetQ=
300x250-rt-nz-bkg1.jpg
s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/ Frame E699
36 KB
37 KB
Image
General
Full URL
https://s3.eu-west-1.amazonaws.com/ads.digital-spring.co.uk/New+Zealand/2022/SQ+New+Zealand+-+May/retarget/300x250/300x250-rt-nz-bkg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8063116472561986134/gwdimage_min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c3e6c67445eb85f7b3e938770dd205153bc38227ad51ca6c93d780ee642d74e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:31:55 GMT
Last-Modified
Thu, 26 May 2022 14:51:57 GMT
Server
AmazonS3
x-amz-request-id
R2GBR4KMQ0X50P8C
ETag
"1dbb3e0418a4c3a57f8330707a8a8f5a"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
37049
x-amz-id-2
QZv6NfGebgintHyAMxVE9lrA7bWkEg16JHJ6C4RP1vX8RR+qhPDH9xM8fIUr9Xvrohbv+ilgkgc=
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E699
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 04:31:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D9F1
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 04:31:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 09D1
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 04:31:54 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 7977
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 18AD
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 8EA8
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BECE
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_d1gqmEOO6nRQGFJcBGYZjp4vaaCiP9n9q80YsohJkfy5uv8jZ-O0qDOPqYU0f7xzwrman8_kSp1zUtft2lGaDqpUFc9JbKlw00WbLq_swrZT7EaUZ6nc5C280apmVV0&sai=AMfl-YQ_nrdvlQPiAl0Ey3MjcvmCboU6izH9Et9cOxPJZ0WipBpk6oc7s0jdbSUlK5chxF5Jzc3vrN3lsEdIPC8kfEc4Vhlw8d2JK5SDJ04Db3mi60LI7h8wsJk21xot&sig=Cg0ArKJSzEMqOiGWFEfBEAE&cid=CAASJeRooAkLZyY11lfRVEmjguofIIpWos6XmqVGbUNfdA5QNegZPO0&id=lidar2&mcvt=1000&p=950,0,1200,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2254616760&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655526713647&rpt=298&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9CE4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHHWeUO-TzjFibr1DA-OBseFPSwX25J8MD6A67W742RHjKABQVjXij8QR7lEG-OtUSb3v_Rsz8FO6joo5s3uSrCJLD8DD4Rx5xtN4R6lD5mb0m8XJiItjni1AQgMn4NAbYFTE3Xw&sai=AMfl-YQ-cxJkeCz1lWe0RtxO8Cfc_G7kIQsNlOPRcTyzbLTy_pafhf0khI4g4r19KKBJBgQUqWp9dBEuSj6E&sig=Cg0ArKJSzHUJ73UAzZ-vEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3213842082&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655526712978&rpt=1060&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.mediawayss.com
URL
https://ad.mediawayss.com/delivery/sync?userid=2ea85777-f46e-46db-b19b-c9d6e048b064&inner_redirect=1&inner_uuid=fffd3c99-88dd-4ec6-b918-8e6d19c113c8&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8=
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEH6XrPsi94queyxHLi01Xzs&google_cver=1&google_push=ARnp8GDuA7hCvb2m1X6bNOBxgg79FQle7exhCT3DeHyZV7UX_V2l32yqGth_EnG-uuk08KKa5MOK5wX90ii320VBGTSWO_Zlhq0

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga number| H_DEV object| holderPlaces function| holder string| phnx_lang_target_key string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| ABNS string| ABNSh object| ABNSl function| $ function| jQuery object| bootstrap function| phnx_onready_after_load_currency_calc_data function| updateTable function| initInputsValues function| updateAllFields function| parseFieldOnChange function| updateUAHField function| updateUSDField function| updateEURField function| updateRUBField function| setCurrencies function| phnx_frontend_get_var function| phnx_onready_load_html_template function| phnx_article_stat_view_complete function| phnx_article_stat_view_add function| md5 object| toastr function| phnx_set_data_message function| phnx_notice function| phnx_notice_session_save function| phnx_notice_session_start function| phnx_scroll_to function| phnx_onready_clicks_unauth_message number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| gaplugins object| gaGlobal object| gaData object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad function| setUMHBibbCode function| loadUMHBranding function| admixerLisBrndMsg function| runZoneJS object| UMH function| ABN object| pr number| pos string| k number| v object| e object| b object| timeout object| gemius_cmpclient object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt boolean| admixerLisBrndMsgSet object| hb_dmx_res object| adsbygoogle object| BM_STAT string| iS object| iD object| iP string| iR string| iT string| iH number| iI object| name92now object| regeneratorRuntime object| mwayss object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| googletag object| _mgIntExchangeNews object| IdealmediaInfC1296110 boolean| mg_loaded_466734_1296110 function| setImmediate function| clearImmediate function| Achernar object| onClickExcludes function| mgReject1296110 function| mgLoadAds1296110_07a57 function| IdealmediaCReject1296110 function| IdealmediaLoadGoods1296110_07a57 function| mgReject1296171 function| mgLoadAds1296171_07a57 function| IdealmediaCReject1296171 function| IdealmediaLoadGoods1296171_07a57 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint466734 string| _mgCanonicalUri object| _mgPageView466734 string| _mgPvid object| pbjsChunk object| pbjs object| _pbjsGlobals function| Swiper function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| html2canvas function| _open boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgRequests object| _mgwcapping object| _mgPageImp466734

82 Cookies

Domain/Path Name / Value
dengi.ua/ Name: b
Value: b
.dengi.ua/ Name: _ga
Value: GA1.2.1634419419.1655526712
.dengi.ua/ Name: _gid
Value: GA1.2.1735230031.1655526712
.dengi.ua/ Name: _gat_gtag_UA_11903997_1
Value: 1
dengi.ua/ Name:
Value: store.test
.dengi.ua/ Name: __gfp_64b
Value: uAN19l_74yw9tm_VdjdmzRhH9K1AcYCy7Qkw9_YJPXr.d7|1655526712
.cdn.umh.ua/ Name: AU
Value: 1d3cf1da61705413
.hit.gemius.pl/ Name: Gtest
Value: KlQWhRaGQMQGnmPMzXS7gURissGMXP8c25nSGVWv7iKWXBG.
ad.mox.tv/ Name: moxuuid
Value: fffd3c99-88dd-4ec6-b918-8e6d19c113c8
ad.mox.tv/ Name: _mwayss_zone_imp[1557][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[1557][frequencyPeriodEnd]
Value: 1655613112
ad.mox.tv/ Name: _mwayss_imp[15334][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15334][frequencyPeriodEnd]
Value: 1655613112
ad.mox.tv/ Name: _mwayss_camp_imp[4400][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4400][frequencyPeriodEnd]
Value: 1655613112
ad.mox.tv/ Name: _mwayss_imp[15153][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15153][frequencyPeriodEnd]
Value: 1655613112
ad.mox.tv/ Name: _mwayss_camp_imp[3875][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3875][frequencyPeriodEnd]
Value: 1655613112
ad.mox.tv/ Name: _mwayss_imp[15218][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15218][frequencyPeriodEnd]
Value: 1655613112
ad.mox.tv/ Name: _mwayss_camp_imp[4402][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4402][frequencyPeriodEnd]
Value: 1655613112
ad.mox.tv/ Name: _mwayss_imp[15162][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15162][frequencyPeriodEnd]
Value: 1655613112
ad.mox.tv/ Name: _mwayss_camp_imp[3963][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3963][frequencyPeriodEnd]
Value: 1655613112
ad.mox.tv/ Name: _mwayss_imp[15172][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15172][frequencyPeriodEnd]
Value: 1655613112
ad.mox.tv/ Name: _mwayss_camp_imp[1959][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[1959][frequencyPeriodEnd]
Value: 1655613112
.hit.gemius.pl/ Name: Gdyn
Value: KlSzqRaGQMQGnmPMzXS7gURissGMXP8c25nSGVWv7iKWFRxSG7RrGS6Grg9BFlM2xgGPo1RGF8CBI8l8MG..
.go.rcvlink.com/ Name: cache
Value: tp3b493auWby2x8
.i.ua/ Name: __cf_bm
Value: Xw5SJhEnAs1YELxqv3N17cjE8IyOUacmdA8rUzBFgl0-1655526712-0-AR8cPAyFeBaGOp+y1GHsPVbteqOMWT+w/u2aVOT8NaBp0hWVEAFkZpf1IaQMGCyq4bCUxzdwXus1QcEN8DPoIx8=
.admixer.net/ Name: am-uid
Value: 78e01552dfdd4a27b6bb25e2d4ac5fd5
dengi.ua/ Name: am-uid
Value: 78e01552dfdd4a27b6bb25e2d4ac5fd5
dengi.ua/ Name: PHPSESSID
Value: 7lvh15crpnudmnhd7cm993r7u7
.quantserve.com/ Name: mc
Value: 62ad5538-c5d8d-0ae89-7f914
dengi.ua/ Name: cbtYmTName
Value: Nk0UX1IUDBQFUFcCAQUGA1MBUgAHDwNQFEu/
dengi.ua/ Name: IdealmediaStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1296110%22%3A%7B%22page%22%3A1%2C%22time%22%3A1655526712998%7D%7D
.bidswitch.net/ Name: tuuid
Value: 2ea85777-f46e-46db-b19b-c9d6e048b064
.bidswitch.net/ Name: c
Value: 1655526713
.bidswitch.net/ Name: tuuid_lu
Value: 1655526713
loadercdn.net/ Name: vui
Value: 5c1052d65891441e8953c3bff6b07e04
.mathtag.com/ Name: uuid
Value: 3f4d62ad-5538-4700-89e9-b9f0c59cca63
ad.mox.tv/ Name: bdswtch_sync
Value: 2ea85777-f46e-46db-b19b-c9d6e048b064
.dengi.ua/ Name: __gads
Value: ID=a44de461550e5dcf:T=1655526713:S=ALNI_Mab1Shc13d5Y275HBE4uxTH2Qvcqg
.doubleclick.net/ Name: IDE
Value: AHWqTUlUR1H-b1PJpIzi_7jH9NLsIOsiSbx-eqlp09X9bw2eXUY3zSsd62CtArYZna4
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 5564508115835760161
.advertising.com/ Name: APID
Value: UP94880886-eebf-11ec-80fe-02aeffdcf8aa
.spotxchange.com/ Name: audience
Value: 948d3c46-eebf-11ec-ac6b-155da6fd0106
.quantserve.com/ Name: d
Value: EAoBCQG0JoEA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In6g/aR+!]tbPl1M>e)ZlrFUfJ+tGXxoPbZXZ9N]eP5HfuIsTh<+g`u+y8YZS%7BKsgz3If)y3KL9D3I?+UiQ?qf
.casalemedia.com/ Name: CMPS
Value: 671
.mathtag.com/ Name: mt_mop
Value: 4:1655526713
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%228FAEBCAC-C133-47DD-ADE8-24075E11BCD4%22%7D
.blismedia.com/ Name: b
Value: 62AD553A1AB196B5C2FCAFC5BLIS
.adfarm1.adition.com/ Name: UserID1
Value: 7110433094287620239
.3lift.com/ Name: tluid
Value: 1482390480121376974396
.yieldoptimizer.com/ Name: ph
Value: %7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D
.yieldoptimizer.com/ Name: fbh0
Value: %7B%7D
.yieldoptimizer.com/ Name: dph
Value: %7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D
.yieldoptimizer.com/ Name: gcma
Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/ Name: rmxc
Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/ Name: cktst
Value: 400165828
.lijit.com/ Name: ljt_reader
Value: E1FvtGZHUTeVMf9ZQ7WVCk8S
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-601a4669-80f4-4065-8603-713fdfecf478-003%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBDpVrWICEJ1amnqCdUAGtE2zQ6vBZ7cFEgEBAQGmrmK3YgAAAAAA_eMAAA&S=AQAAAr4HQjPPyAxpG7tc-WKLeGo
.de17a.com/ Name: guid2
Value: 1.6467521821082267647
.w55c.net/ Name: wfivefivec
Value: A0HMOC0K1O2q7M5
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~25is
.casalemedia.com/ Name: CMRUM3
Value: 2d62ad553a2760
.casalemedia.com/ Name: CMST
Value: Yq1VOmKtVToA
.yieldoptimizer.com/ Name: ckid
Value: 3015900462868
.rutarget.ru/ Name: userId
Value: 9ugLEuoUJrrF
.casalemedia.com/ Name: CMPRO
Value: 671
.casalemedia.com/ Name: CMID
Value: Yq1VOnNuJCwa4KxrdOmFdwAA
.w55c.net/ Name: matchgoogle
Value: 5
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-601a4669-80f4-4065-8603-713fdfecf478-003%22%7D
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 11F140EC-C3B7-44F9-B7CA-961B7FD66AC0

8 Console Messages

Source Level URL
Text
javascript warning URL: https://dengi.ua/(Line 1364)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v147337&s145856&t6&c1&n471216&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dengi.ua/(Line 1364)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v147337&s145856&t6&c1&n471216&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dengi.ua/(Line 1380)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v1630&s23&t6&c1&n538274&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dengi.ua/(Line 1380)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v1630&s23&t6&c1&n538274&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://h.holder.com.ua/s?ta&bholder_300x100_4379&c1&r36019705&dholder1390205423&hhttps%3A//dengi.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://pixel.advertising.com/ups/55946/sync?uid=CAESEDO6808ycltNR9w9YXBwWWs&_origin=1&google_cver=1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.mediawayss.com
ad.mox.tv
ads.travelaudience.com
adservice.google.co.uk
adservice.google.com
ap.lijit.com
autocounter.idealmedia.io
b5b81bb58e1d49e866365353e50be280.safeframe.googlesyndication.com
bgstats.mox.tv
c.bigmir.net
c.idealmedia.io
cdn.admixer.net
cdn.idealmedia.io
cdn.umh.ua
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cms.quantserve.com
cs.emxdgt.com
d5p.de17a.com
dclk-match.dotomi.com
dengi.ua
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
go.rcvlink.com
google-sync.rutarget.ru
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.holder.com.ua
i.holder.com.ua
ib.adnxs.com
image6.pubmatic.com
inv-nets.admixer.net
jsc.idealmedia.io
loadercdn.net
ls.hit.gemius.pl
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.i.ua
s-img.idealmedia.io
s.ad.smaato.net
s.zmctrack.net
s0.2mdn.net
s3.eu-west-1.amazonaws.com
securepubads.g.doubleclick.net
servicer.idealmedia.io
ssum-sec.casalemedia.com
st11.rcvlink.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
tag.yieldoptimizer.com
tpc.googlesyndication.com
tr.blismedia.com
unpkg.com
upload.wikimedia.org
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.cdn.umh.ua
ad.mediawayss.com
google2waycm.netmng.com
104.16.221.74
104.18.3.81
104.92.106.130
136.243.84.74
142.250.185.98
142.250.186.34
142.250.186.66
146.0.227.109
146.59.10.80
146.59.30.104
167.71.9.19
178.162.133.149
18.156.0.31
18.193.29.139
18.195.155.181
185.187.81.40
185.29.132.241
185.94.180.125
190.2.151.10
192.82.242.209
193.239.68.97
193.29.200.162
2.20.157.55
213.155.156.164
213.19.147.45
216.52.2.48
216.58.212.134
2600:9000:223f:ae00:1b:5138:8a40:93a1
2606:4700::6810:7caf
2606:4700::6811:190e
2620:0:862:ed1a::2:b
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9b
2a02:fa8:8806:20::2010
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d018:d29:3602:79ce:4a08:37f6:a715
3.122.71.146
3.33.220.150
34.96.105.8
34.98.64.218
35.186.212.60
35.190.0.66
37.252.173.38
45.9.26.83
52.218.36.90
69.173.144.138
76.223.111.18
78.159.118.240
85.114.159.118
91.198.36.26
91.198.36.35
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
09114f252f1c010f6bbfb43d633e52c953c5c5722b876b31a7416285e9407fce
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a790017591866b91ce60f012035ec6ade2b5e7e3e2e431942b88eb9faf89b62
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdd41f689eb4e425bf3eff8db44c60932c88999e4f00a9b05309e5ae68adb10
0cd57594a9006786b04705c4d20e7d35cd039a4107b54c7fedb3742050024228
0ea37b58e665da0a28a3f1b626d58071c68b4c0e1dd15ad96e431fb96bb31f2c
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10c5dd1eaabf5bbf1cbee087b83d068915e9d17bd19b0ae79f3786e035a6c09b
11bb4124c16516b35cab2ab3e4503fd8748c11da10a6fe2784c8855b2953a1ac
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1306abec4b8ee8a93b580fe6c9aad3599a865964a352e7f4e7d7e4400c8c1c6d
14d56b0bb498f3ea550d0c97baffe43bb61175733e503c1a31dd4e6f744e736d
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e485f27fadd2d31d1418f59a2d716a207ffafd7e97f32c2347b088d555a5523
1f1c8f1795dbbf629c8b2d0bb056f19a83843d15d3a48036e0cee5491e6c5685
1fc5b3f4a0461510af67792bc90c244c1536599e367b17cd444f40222bb59e66
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
20737ae9bf00b4b85a4097591d827e6b34590bc3a5409fedd61276d932f8741e
2200fb773bcc45a03b92e6164c3187f5b1e7b970868c245525f7a7aa3cf6f701
229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8
23901faad9c2ce4cfb6697dedbf1569ef2ffefee4f58588063c84aee72060e37
279e1a607d6090b9a80a5928735be3a36826df15dbaa78784f7e720619137454
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
2ac85d03065782dc4f3a7e93bfbbe18c3f70bb1508d0f432e0525173b156d6e6
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
3406b94f0f9a522566ba71a5022f33ad44ce94ff6c0fc92e51d5b43b37ee2195
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3b5ca0e48d335653e3d092edecf97fae1394b1636aabeb3a195d79b2a577e345
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3df82386e5e72d1afc038af67db01bf5c1c15ac1df46c8a714b750ef8f3b347b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
400cf89053b2a51dad6c86ddec939c27d56d619190d2e68b3dafc7860e1c1459
417dbce419383072377a955804304271ad17feb16889c06d05023898df3b6a49
42f78f2725977ce58274bb51e4547a6dc692dbf03052eeab098d0f249c7b2837
436c54643e77538c94951f6f91083ac11f8b194a8855c05de5ae0aaa93983842
44d8a29337d8884e821cae4a34e53b03f5c63af3d9822ef602e41a660352b1b5
465e244b397fcad8fe7b66a8f6e6e87200e65c3213bf4da1ff0584c90de790cf
472da821a9382665bbc3e14b8b15326045957bb473ee08cb2f89eeecb2ad70e1
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
48b048c91929694e52ef1d5eb05358ad72e428402af81d0c64c44daac06a0bb7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
4fde05972e07818972ca37acd5fe202b748135be03d11ca6a8242769bd186bcb
50186f885825a46441fe9dbb32d77b4985fbdb70974a98d8dd429f932f74d20c
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c4526f6ab88ff68a7dd2400ed53f87949f63afe5a0a8694ad8cc082eef3805
51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
5248c8e706ec8be86fdad29e8929ca59b3789e9151377141695b905539cae130
53f04d9ce71520a466e682e4331b8e3f0e35fcb4e545d8c3c2d6c271515d4fd2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56c24961aedbef6e5c5a17d918a7cf838d75ed2cadb67493d4aaaeaca9c18f78
56d1f1f3e5b1add4f774ea6c58dbb722abd040454ccc1cc1ce38e9fe98e9021d
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
5b79c21d8f1c4efd78aa32cbcbc42fa0709305b7a75637af7f3cafa03dbfc174
5dc7d5c866f5fa13297461243c843c6bc60da7a8a81496dc4c13881308dbfc55
5ebbe5a236f15eff9c9cc690d3b27921683e62cf9b9fcf52588e19ce394e5e77
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60df271eb7d8c2fe356ef15fc4a89ae224e1a9152ec383923c10ff173d588d86
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61400c7ba53dfde1a5a2378bc8dada27700cabd3fb66fb0960b05bdb1136284b
61563b78ef92c7b090e047c4c152f6a1853cca61f45cefea1155baa73fdd06ed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a
65c1eb70e8e4fa1ef5d90a0fd5e0d2965c5cbc61cb09706f5dca725cfea01ebd
66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d
66af5d85560f25b8857229580d11c023509c32793df28162eca34790f007ea48
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6939ea70c8ba34d1291f1c0469d399533f0b090a5078ceea7f317e06a1b1bf09
6adba150b92b1c42336eb509d56a051bc2229046a0822fc77008f65749089830
6ae4419a323092d86de141aa2cdfcdfc6573f32f9a22fc535182b96a31822d71
6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7
6bf9d8f60a4d205540802837f8ac5852158891ebdae4e7de33bd39bfe0476bdd
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6cec0e38347b38f35dc946f2d2b435d9227e38b225ddec57e62261aced6bdb79
6d15cb059fde6785b76e5613e4ee4407a1f07e339d40f1a1383b60eaec13ec92
7140a33c0ddec2c003bcf26040ce90ff17b23353218f42f92fc066e0f6c0f5c2
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b
76d83e3086d32ed6fe091287ba45df3026f6e3302833a21577f9c488a8ec653c
799790a46451fd067e0c386d3ddddb943311950c1621d133f7260bdc08195017
7a23cd24f7c34763324ad1026cd79eab99b238f426eeaa7957ad7b0df91716d2
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
83ef97b39d9221b3e23c06a2705419aac746054478314d30a2224cb0358d9746
874623caa9d2444b43308de2a339ce94bb6af54178c9630f6f5ec31a478bc517
8750955dc9849aa1f13a62c862aadd2ee900157be523740d6914a5a599182af3
880cd838bf06632fb7720bbfcc917feb8868a488ba28989ae0992b5d8bf7b58e
89bc864825d33292d943d11957b9f3f987ac048786033e60ac6ac0c2bbe7b19c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bcbe00b6b9f42c843eb6611419d85a2e18b43156f835ba71f4d32da834ac55a
8ca0e24866f6068cd875952cbb9d5b9e92fb9c648f299232fd045253f436fdb1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
912f911aa605e91352bc8fe84466d20b3e4d95f40b57a6f4503344c85d541931
9214c29e074cb15cb796602bc30ea9651f7a4d4bd36914ab5e6c0e58138e01fa
928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf
92ef7983767f43928b18619785513e4891598aa413cb6b4a5052aa4baf235f2a
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98c35e09d34e200679b0eb068a09d628a4175bf6e49878a917226d7ce6a65045
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9dc5eaf0ee09be94e860c4a570dbaf10aee89bd0c7480b59037f21aac62c1aee
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acf0a7f4b2e838f23bb55dd85a45a62a30800810da73c2c8383d3380de227e2e
aedd1b112e247314f7e990485858511f15d21e57885ee131e9e1a3fec0173d61
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b68a1ba91deb32619434087b6672ff157e24654bc1285d5a70ea9eeb01726e91
b8d86cef844b576c416d227db472a310d92e737dd778c70e184bbbdf1a2a27f9
b9f646bf7753af501baa9657f5311b0df4ae803be640db03fa04b9db6d48727c
ba120d10bee74449a7ad13ea98a935146b60a0021264a25244ae5380f843d6a6
bd6189087cad9d19fb214c8200364606a5dd73a4f8dc8690726ff774473b9cd4
bd718d22fff76ba478cd7cd1c603d82bb3217904717eacec1e5c5be8acc30339
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d
c24f37ff564a8fad4604b9fb74aac57958b6f0e3ae724595e726cdfbfdee11d7
c3e6c67445eb85f7b3e938770dd205153bc38227ad51ca6c93d780ee642d74e8
c7a646d0e69f4566183d75261c74532e3eb5b75be8cb45a202618d57ca51d77e
c7b982a96f91fec880cb8e54fdd0202a22d13d03a5d0f8c017e202e7df592796
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06899b269c9296feff15c14091cbe41ceeb27986b38658689c301fe5b496c5b
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2f3afcb915897272d11b78d4fec7cc739a8abaab05fb4bbfcb28991c78e357a
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
d406c433c3815efb8532ecdcd2f260abdc4cf92c334af4c8ddec25cf33ef4c91
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
d51d8bbb9f6b485d965653ff90dcd150aedf2fd7fed2c9cf8c58712fe8d5b918
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d79de2ca577febf89000fd75858530071082febb0c190f9a413c7c8a32e36dc2
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
dc7af645ced73024fc89f84cbb8c72a3eacd05a5daaa50c2b64f9091d5cdf18b
dcd9b5ebb5977f9fc11d2c8e3794483c407beb063712cd8fe9d6b523d2ed2faf
dd7909f7860ad301638209b00f4fd5c925cd52362aead8755a27be096eafed9e
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e32d82eb1abe99026bd3e1e9278d9c646b4beafbeada09e243656e5d62606b75
e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836
e354704588f56c7ab3837af35cfe1a4ee0494717682586a45df80ebe5c65523a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b5d759ff9d75be634664fc1ae80f63318195ad6e7e40c0df9fd9e3e0ba43be
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58c753d0a3db639d4a0ba7f7f354994cc17633fe0d8f5da3220ca95d952309d
e84ab0d57db91411f1d6b8c4e2314f10ff72ac1fedf78eaa941740bdeec141d2
e8dcdf5dff373850306ae1bb9c886dbeb76540e57163f2124a52408fad73ec2f
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed06ba8767beb20b7a4d89c1efb2c15144f0bcf934a33784072bee77aeb7d80e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d2d5c0d8373ea3e787c353abefebde3a345b06f99751afe27697519d3afc15
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f8d15fcc5c1a45bcadac4a7b531f682c32d081d4e5035ed16bbc156ad747d271
f930576dce334203146fda1a6ad0d97627ad51ac54baf30755a0cd660593f2f4
fbb64b7006ed5b280286fe42ab7dbe6e39c921d035ea270589b0b2d38f651e4d
fca8bf0f20c4995895c05df23122bff6e8e571c45d7794443f5927d60649cfed
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f