westudents.com.ua Open in urlscan Pro
95.142.40.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://westudents.com.ua/
Submission: On June 03 via api (June 3rd 2022, 12:30:13 pm UTC) from GB — Scanned from GB

Summary HTTP 99 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 25 domains to perform 99 HTTP transactions. The main IP is 95.142.40.16, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is westudents.com.ua.

This is the only time westudents.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	95.142.40.16 95.142.40.16	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
1	2a00:1450:401... 2a00:1450:4014:80f::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 4	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
12	95.163.114.204 95.163.114.204	12695 (DINET-AS) (DINET-AS)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 5	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	83.220.172.45 83.220.172.45	29182 (RU-JSCIOT) (RU-JSCIOT)
1	92.63.105.49 92.63.105.49	29182 (RU-JSCIOT) (RU-JSCIOT)
1	217.197.112.80 217.197.112.80	20655 (E-STYLEIS...) (E-STYLEISP-AS)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
8	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.217.164.131 172.217.164.131	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4009:1::9	15169 (GOOGLE) (GOOGLE)
1	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	87.240.190.67 87.240.190.67	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
2	217.20.155.208 217.20.155.208	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
2	94.100.180.55 94.100.180.55	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
99	34

7 95.142.40.16 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: vm366435.eurodir.ru

westudents.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80f::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 95.163.114.204 (Moscow, Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.220.172.45 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1005.ru

subnine.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.63.105.49 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1010.ru

grsync.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.197.112.80 (Moscow, Russian Federation)

ASN20655 (E-STYLEISP-AS, RU)
PTR: seopult.ru

af.click.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.164.131 (United States)

ASN15169 (GOOGLE, US)
PTR: iad30s24-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:1::9 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r3---sn-aigzrner.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.190.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.20.155.208 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip208.155.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.100.180.55 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: connect.mail.ru

connect.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	387 KB
12	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 142506	74 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 578 pix.eu.criteo.net — Cisco Umbrella Rank: 7369 csm.eu.criteo.net — Cisco Umbrella Rank: 7618	49 KB
9	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	96 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	52 KB
7	westudents.com.ua westudents.com.ua	163 KB
5	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3528	52 KB
4	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9241	2 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11353 ads.eu.criteo.com — Cisco Umbrella Rank: 7606 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9295	66 KB
2	mail.ru connect.mail.ru — Cisco Umbrella Rank: 64205	1 KB
2	pinterest.com api.pinterest.com — Cisco Umbrella Rank: 2788	476 B
2	ok.ru connect.ok.ru — Cisco Umbrella Rank: 23333	4 KB
2	vk.com vk.com — Cisco Umbrella Rank: 5661	958 B
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 1311 r3---sn-aigzrner.gvt1.com — Cisco Umbrella Rank: 416580	666 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	86 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	1 KB
1	click.ru af.click.ru — Cisco Umbrella Rank: 201293	1 KB
1	grsync.ru grsync.ru — Cisco Umbrella Rank: 211377	319 B
1	subnine.ru subnine.ru — Cisco Umbrella Rank: 213737	319 B
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5121	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 768	653 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	39 KB
99	25

	Domain	Requested by
12	w.uptolike.com	westudents.com.ua w.uptolike.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	westudents.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net westudents.com.ua
8	static.criteo.net	ads.eu.criteo.com
7	westudents.com.ua	westudents.com.ua
5	csi.gstatic.com	www.gstatic.com
5	mc.yandex.ru	2 redirects westudents.com.ua
4	counter.yadro.ru	2 redirects westudents.com.ua
3	www.gstatic.com	googleads.g.doubleclick.net
2	connect.mail.ru	w.uptolike.com
2	api.pinterest.com	w.uptolike.com
2	connect.ok.ru	w.uptolike.com
2	vk.com	w.uptolike.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	pix.eu.criteo.net	ads.eu.criteo.com
1	r3---sn-aigzrner.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	af.click.ru	w.uptolike.com
1	grsync.ru	w.uptolike.com
1	subnine.ru	w.uptolike.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	westudents.com.ua
99	34

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
westudents.com.ua R3	`2021-12-31` - `2022-03-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
uptolike.com R3	`2022-04-24` - `2022-07-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
subnine.ru R3	`2022-05-18` - `2022-08-16`	3 months	crt.sh
grsync.ru R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
*.click.ru R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2022-02-28` - `2023-03-31`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.mail.ru GeoTrust RSA CA 2018	`2021-11-01` - `2022-12-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://westudents.com.ua/
Frame ID: 74EF71577B96B63E85A17F8D55EBEF2D
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/zrt_lookup.html
Frame ID: E0AB923EC62289D5DC498FAF3F94813E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&adk=1812271804&adf=3025194257&lmt=1654259409&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwestudents.com.ua%2F&ea=0&pra=5&wgl=1&dt=1654259408861&bpp=2&bdt=1020&idt=147&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6429116641090&frm=20&pv=2&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=161
Frame ID: 628F083255B143F5BEF36A9095F13F31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181
Frame ID: 9E94E1E3E1B2BFF1F4CDA820C1A2C9FA
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408865&bpp=1&bdt=1023&idt=183&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=LEXbb45UEM&p=http%3A//westudents.com.ua&dtd=185
Frame ID: AE7ED393142A1C0E1F8F94FC1F00D18C
Requests: 8 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81
Frame ID: 505A4AD4D7BA27B3072D3AD03717B58C
Requests: 11 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?5b4cad3538d17eca467fce30e3540f81
Frame ID: A0650B303CEBFAB810DDCCD9B8E3C6AA
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ypn-0QACTvAIFVZLAAeQOPjtAVQth-I0m3VnGQ&u=%7COu6A3hTQZUSOsGtnveQa9oJv1d4X4A6CE5qO9cXe%2F24%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY7bpRBgfvQocaCCQXGU6_SLHTqOqX5o_sdrmox3hMN3oXuaFRlNakDgFQkYm0_yxLGVohZEHc8en4CJEZa2nXPqEvp6xJyl_ONokwFnyH9Rcam88nBim1b_MNmJ1YDuzfo3FbueKyGAfUOKxATeTZmN1Sb-QSQmBoH0rb73FWYjSphqjtP2IvPeoEdYKCcVFSoOuREAFXhdazlCmjXusKhTPo9-v8CT9LlVSr3WKTRFD1RH1HAQx6UtGJgpAWJjzd2lpiiJqwnOe4ZKh5wIZFKSnZTGs2lmj7XD1mZhOPPA130kTMuE6TYemEzh3JwAV9Y_WAcmqlnChDM3vhia6cvnO3FIOybBlrylr4Hm5IB40jwr_6WdSN_LGd-87mUopcG_KOR5UGsIc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOtNj0f6ZYvCdCcus1fAPuKCesA_kj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03MzEyOTgyODQ5MDEzOTI0oAG91IjrA8gBCakCRBT0l3QZtT6oAwGqBMIBT9CAu7gTLDW8jHzrXqRP81V7ja6itpJ2mTAgcdzgemvWFDv8fRwYcgroj5PrjrugrX23DPo9YqGXqu8TnjHMQ0NgUNtrP6GBP9QEhMpQ6mXl711fS0Dm_Egk7_N7WCUfjCSJlVC3Fi0rJjIvg79vEiV3WfD17SJRa8Y0sZxCIJtkMXCBEUjTUioPQo1MFoPXajkCMItGPYSX-vEO5rJ4jLhceZ9Oq7KZN6-jsCjN5Vb0RoNqMZFzE9pPde0966pwozmABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33JaVm33nEWucaFVJKeorSVvVuGA%26client%3Dca-pub-7312982849013924%26adurl%3D
Frame ID: C788EBA7C8A9101B573E160436A5C337
Requests: 14 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: 394A26493517EBBE8CC520C1A975B71F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Frame ID: 9893E8393296D7D9F6AAE6E34DA27EBA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 431412BFFA2C83864E34755C98906D90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1EC9E0DBD957926C923A3F1B3F73A8B1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Бібліотека українських підручників

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

99
Requests

87 %
HTTPS

56 %
IPv6

25
Domains

34
Subdomains

34
IPs

6
Countries

1767 kB
Transfer

3116 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.466216442309211 HTTP 302
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.466216442309211 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.466216442309211

Request Chain 38

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 64

https://redirector.gvt1.com/videoplayback?id=778e74139905dfa9&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1654266609&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=67F958C73C0BCFDBF8F50498D5E2D632D96A9FC0.1D036A7530D8375B55005150872DC57852653468&key=ck2 HTTP 302
https://r3---sn-aigzrner.gvt1.com/videoplayback?id=778e74139905dfa9&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654266609&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5CAF61CB81D9F3E02C1BE761E1DC8D3D5B5CE3CF.8286135EF98A3CF16E89B299C1D12583F9730E27&key=cms1&cms_redirect=yes&mh=Xg&mip=2001:ac8:21:e::6&mm=28&mn=sn-aigzrner&ms=nvh&mt=1654258294&mv=u&mvi=3&pl=48

Request Chain 75

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozorr03fcecccg%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A813%3Acn%3A1%3Adp%3A0%3Als%3A1423245976184%3Ahid%3A308773828%3Az%3A0%3Ai%3A20220603123010%3Aet%3A1654259410%3Ac%3A1%3Arn%3A787322647%3Arqn%3A1%3Au%3A1654259410469659215%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654259407519%3Ads%3A168%2C75%2C78%2C74%2C0%2C0%2C%2C715%2C12%2C%2C%2C%2C1111%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654259410%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozorr03fcecccg%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A813%3Acn%3A1%3Adp%3A0%3Als%3A1423245976184%3Ahid%3A308773828%3Az%3A0%3Ai%3A20220603123010%3Aet%3A1654259410%3Ac%3A1%3Arn%3A787322647%3Arqn%3A1%3Au%3A1654259410469659215%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654259407519%3Ads%3A168%2C75%2C78%2C74%2C0%2C0%2C%2C715%2C12%2C%2C%2C%2C1111%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654259410%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

99 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
westudents.com.ua/ 28 KB
28 KB 321ms
78ms Document
text/html 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: vm366435.eurodir.ru
Software: nginx/1.16.1 / PHP/7.2.29
Resource Hash: 5461cd3752d76af082daaec1ae4b0605d92fa4da2e816924524906e4606771ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Jun 2022 12:30:07 GMT
Server: nginx/1.16.1
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.29

GET
H/1.1 200
OK style6.css
westudents.com.ua/css/ 24 KB
24 KB 608ms
147ms Stylesheet
text/css 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://westudents.com.ua/css/style6.css?ver=1.6.6

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

27357951e2762a8adf71c13ae7e0e03b5ecee8e87017238183e7cfffdb428f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:08 GMT
Last-Modified: Fri, 08 May 2020 13:11:27 GMT
Server: nginx/1.16.1
ETag: "5eb55a7f-5f2d"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24365

GET
H/1.1 200
OK bootstrap.min.css
westudents.com.ua/css/ 8 KB
8 KB 145ms
74ms Stylesheet
text/css 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://westudents.com.ua/css/bootstrap.min.css?ver=1.2
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: vm366435.eurodir.ru
Software: nginx/1.16.1 /
Resource Hash: f49bd72e6bae4d1803162659b45335d1f58883eb2bd4a10d808447ee1c66ac35

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:07 GMT
Last-Modified: Fri, 08 May 2020 13:11:27 GMT
Server: nginx/1.16.1
ETag: "5eb55a7f-1f34"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7988

GET
H/1.1 200
OK jquery-1.8.3.min.js Show response
westudents.com.ua/js/ 91 KB
92 KB 613ms
151ms Script
application/javascript 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://westudents.com.ua/js/jquery-1.8.3.min.js

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:08 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-16dc4"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93636

GET
H/1.1 200
OK main.js Show response
westudents.com.ua/js/ 3 KB
3 KB 537ms
75ms Script
application/javascript 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://westudents.com.ua/js/main.js?ver=1.1.1

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

4b6755fa117ce7885e5ef0c47fd833e6d6e9383bc173087ccaf7f80ae8053ceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:08 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-cc5"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3269

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 203ms
78ms Script
application/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109056477-1

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9556199b81d0d793d864ce2c6636e674ad0d2d38e6d3ba51f46c4d459f349941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39696
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Jun 2022 12:30:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
55 KB 173ms
81ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1ad4292ce0a6cb20e77addd522f6fdb51772efa1e7f9bf1446ec538dec48272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56171
x-xss-protection: 0
server: cafe
etag: 10219327610178081814
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 12:30:08 GMT

GET
H/1.1 200
OK ukr.png
westudents.com.ua/images/ 1 KB
1 KB 75ms
75ms Image
image/png 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://westudents.com.ua/images/ukr.png
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: vm366435.eurodir.ru
Software: nginx/1.16.1 /
Resource Hash: 54ef03d404ec29d9c8c4766a73f27e6dd748c23defc52450ae3672a71b8d439e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:08 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-454"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1108

GET
H/1.1 200
OK logo
counter.yadro.ru/ 112 B
336 B 163ms
78ms Image
image/gif 88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/logo?45.1
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host204.rax.ru
Software: 0W/0.8c /
Resource Hash: bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:08 GMT
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: 0W/0.8c
Connection: Close
Content-Type: image/gif
Content-Length: 112
Expires: Sat, 03 Jun 2023 04:39:57 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438...
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0...

43 B
528 B

107ms
107ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.466216442309211

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 12:30:09 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 03 Jun 2021 04:39:57 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 12:30:09 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.466216442309211
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 03 Jun 2021 04:39:57 GMT

GET
H/1.1 200
OK logo.jpg
westudents.com.ua/images/ 7 KB
7 KB 76ms
76ms Image
image/jpeg 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://westudents.com.ua/images/logo.jpg

Requested by

Host: westudents.com.ua
URL: https://westudents.com.ua/css/style6.css?ver=1.6.6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

0bb9a543d6729f51a883b23be6010e8211cebc56db711baa2b52de74107c8651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://westudents.com.ua/css/style6.css?ver=1.6.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:08 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-1ac2"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6850

GET
H/1.1 200
OK uptolike.js Show response
w.uptolike.com/widgets/v1/ 21 KB
9 KB 161ms
79ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://w.uptolike.com/widgets/v1/uptolike.js
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:08 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Fri, 03 Jun 2022 13:00:08 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0000f2da5b41f0afdea3eb387de6032482859d0c2f2d54aa2ab57e104329dcf0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109056477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3322
date: Fri, 03 Jun 2022 11:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 03 Jun 2022 13:34:46 GMT

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 70 B
845 B 302ms
105ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1654259408796595
Requested by: Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6144658b3b7c63f27a6f747a986f2247b6847424b5443256975efd2b4cb90dc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 12:30:09 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 21 Apr 2022 09:06:31 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206010101/ 323 KB
115 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7312982849013924&plah=westudents.com.ua&bust=31067864

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbffe33a488d09abb53d523ef877c96c72806a18d9edca64974372554805c6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117450
x-xss-protection: 0
server: cafe
etag: 4863657148083533592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 12:30:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/ Frame E0AB 10 KB
5 KB 131ms
41ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 60828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 19:36:20 GMT
etag: 1327746537699501093
expires: Thu, 16 Jun 2022 19:36:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 47ms
47ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=579715465&t=pageview&_s=1&dl=http%3A%2F%2Fwestudents.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=700835308&gjid=1272375999&cid=465801693.1654259409&tid=UA-109056477-1&_gid=2112827920.1654259409&_r=1&gtm=2ou610&z=296488685

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://westudents.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://westudents.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
653 B 161ms
50ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=westudents.com.ua&callback=_gfp_s_&client=ca-pub-7312982849013924

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7312982849013924&plah=westudents.com.ua&bust=31067864

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0eb6ba2177977aab704254dc0645233adb83dd560d7acebe8d2c4c4192368f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 209
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 183ms
51ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=westudents.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jun 2022 12:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 156ms
51ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=westudents.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jun 2022 12:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fwestudents.com.ua%2F&tn=DIV&cls=menu-container&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 628F 0
19 B 182ms
97ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&adk=1812271804&adf=3025194257&lmt=1654259409&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwestudents.com.ua%2F&ea=0&pra=5&wgl=1&dt=1654259408861&bpp=2&bdt=1020&idt=147&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6429116641090&frm=20&pv=2&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=161

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 12:30:09 GMT
expires: Fri, 03 Jun 2022 12:30:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E94 106 KB
35 KB 883ms
820ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0aa2575b7e643dc9de5cba6a7a408906c4640ecaa8f3b7aed90b2dd02ee78028

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36260
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 12:30:09 GMT
expires: Fri, 03 Jun 2022 12:30:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE7E 23 KB
10 KB 651ms
593ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408865&bpp=1&bdt=1023&idt=183&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=LEXbb45UEM&p=http%3A//westudents.com.ua&dtd=185

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5da7aa3acc9315ec1623e904c09c7809e0206285f5f4d17ed710aad43e0c364d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9903
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 12:30:09 GMT
expires: Fri, 03 Jun 2022 12:30:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widgetsModule.js Show response
w.uptolike.com/widgets/v1/ 172 KB
42 KB 214ms
213ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5b4cad3538d17eca467fce30e3540f81
Requested by: Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:09 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 03 Jun 2022 13:00:09 GMT

GET
H/1.1 200
OK share-counter.html Show response
w.uptolike.com/widgets/v1/ Frame 505A 17 KB
5 KB 107ms
107ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5b4cad3538d17eca467fce30e3540f81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 03 Jun 2022 12:30:09 GMT
Expires: Fri, 03 Jun 2022 13:00:09 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK impression.html Show response
w.uptolike.com/widgets/v1/ Frame A065 1023 B
914 B 220ms
114ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/impression.html?5b4cad3538d17eca467fce30e3540f81
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5b4cad3538d17eca467fce30e3540f81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 03 Jun 2022 12:30:09 GMT
Expires: Fri, 03 Jun 2022 13:00:09 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK top-bottom.png
w.uptolike.com/static/buttons/gradients/40/ 168 B
503 B 224ms
77ms Image
image/png 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/static/buttons/gradients/40/top-bottom.png
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 42e9385cea8164b34b0617860d86b6ba3844e4a92484d8d24142522d6df6a959

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:09 GMT
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
Server: nginx
ETag: "599456f5-a8"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168
Expires: Thu, 17 Nov 2022 07:50:42 GMT

GET
H/1.1 200
OK icomoon.woff
w.uptolike.com/static/buttons/fonts/ 9 KB
9 KB 250ms
83ms Font
application/font-woff 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29

Request headers

Referer: http://westudents.com.ua/
Origin: http://westudents.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:09 GMT
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
Server: nginx
ETag: "599456f5-23b8"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9144
Expires: Thu, 17 Nov 2022 07:57:02 GMT

GET
H/1.1 200
OK widgets-batch.js Show response
w.uptolike.com/widgets/v1/ Frame 505A 418 B
662 B 174ms
104ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTM1MDk4MSUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHAlM0ElMkYlMkZ3ZXN0dWRlbnRzLmNvbS51YSUyRiUyMiU3RCU1RA==&mode=0&callback=callback__utl_cb_share_1654259409568709
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b4571bd527507b8a235c5a7769175a7fce493c180c7041306d463512f325cdb6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 12:30:09 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 21 Apr 2022 09:06:31 GMT

GET
H/1.1 204
No Content imp
w.uptolike.com/widgets/v1/ Frame A065 0
154 B 79ms
79ms Image
text/plain 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/widgets/v1/imp?pid=1350981&url=http%3A%2F%2Fwestudents.com.ua%2F&vp=138a0354-0850-4300-918b-cfeee96a296c&ttl=JUQwJTkxJUQxJTk2JUQwJUIxJUQwJUJCJUQxJTk2JUQwJUJFJUQxJTgyJUQwJUI1JUQwJUJBJUQwJUIwJTIwJUQxJTgzJUQwJUJBJUQxJTgwJUQwJUIwJUQxJTk3JUQwJUJEJUQxJTgxJUQxJThDJUQwJUJBJUQwJUI4JUQxJTg1JTIwJUQwJUJGJUQxJTk2JUQwJUI0JUQxJTgwJUQxJTgzJUQxJTg3JUQwJUJEJUQwJUI4JUQwJUJBJUQxJTk2JUQwJUIy&rnd=0.34566002814605534
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/impression.html?5b4cad3538d17eca467fce30e3540f81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 03 Jun 2022 12:30:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame AE7E 3 KB
1 KB 141ms
44ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408865&bpp=1&bdt=1023&idt=183&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=LEXbb45UEM&p=http%3A//westudents.com.ua&dtd=185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:25:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE7E 138 KB
43 KB 170ms
65ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 12:30:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame AE7E 17 KB
8 KB 136ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:23:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AE7E 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWA-e0f6ZYvCdCcus1fAPuKCesA_kj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03MzEyOTgyODQ5MDEzOTI0oAG91IjrA8gBCakCRBT0l3QZtT6oAwGqBL8BT9CAu7gTLDW8jHzrXqRP81V7ja6itpJ2mTAgcdzgemvWFDv8fRwYcgroj5PrjrugrX23DPo9YqGXqu8TnjHMQ0NgUNtrP6GBP9QEhMpQ6mXl711fS0Dm_Egk7_N7WCUfjCSJlVC3Fi0rJjIvg79vEiV3WfD17SJRa8Y0sZxCIJtkMXCBEUjTUioPQo1MFoPXajkCMItGPYSXuPMvdGHafr3Pi5DWKNYFnKy3upTHy04vyBgOrTDMDfZXpGrX7jmABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MzEyOTgyODQ5MDEzOTI0GAA&sigh=Z8APntmgfeI&uach_m=[UACH]&cid=CAQSGwCNIrLMVuK_F2GiXkhFXuqy4GeFB8NqC7OCbRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408865&bpp=1&bdt=1023&idt=183&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=LEXbb45UEM&p=http%3A//westudents.com.ua&dtd=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 03 Jun 2022 12:30:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Jun 2022 12:30:09 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame AE7E 0
0 191ms
60ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOrgEsuBMKwC2ASH-lcYAgAAAHVCjzX7O9lbEND-mWIYDMvzrrqYIUxxwAASAAA&wp=Ypn-0QACTvAIFVZLAAeQOPjtAVQth-I0m3VnGQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:09 GMT
server: Kestrel
server-processing-duration-in-ticks: 293918
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C788 258 KB
66 KB 336ms
211ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Ypn-0QACTvAIFVZLAAeQOPjtAVQth-I0m3VnGQ&u=%7COu6A3hTQZUSOsGtnveQa9oJv1d4X4A6CE5qO9cXe%2F24%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY7bpRBgfvQocaCCQXGU6_SLHTqOqX5o_sdrmox3hMN3oXuaFRlNakDgFQkYm0_yxLGVohZEHc8en4CJEZa2nXPqEvp6xJyl_ONokwFnyH9Rcam88nBim1b_MNmJ1YDuzfo3FbueKyGAfUOKxATeTZmN1Sb-QSQmBoH0rb73FWYjSphqjtP2IvPeoEdYKCcVFSoOuREAFXhdazlCmjXusKhTPo9-v8CT9LlVSr3WKTRFD1RH1HAQx6UtGJgpAWJjzd2lpiiJqwnOe4ZKh5wIZFKSnZTGs2lmj7XD1mZhOPPA130kTMuE6TYemEzh3JwAV9Y_WAcmqlnChDM3vhia6cvnO3FIOybBlrylr4Hm5IB40jwr_6WdSN_LGd-87mUopcG_KOR5UGsIc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOtNj0f6ZYvCdCcus1fAPuKCesA_kj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03MzEyOTgyODQ5MDEzOTI0oAG91IjrA8gBCakCRBT0l3QZtT6oAwGqBMIBT9CAu7gTLDW8jHzrXqRP81V7ja6itpJ2mTAgcdzgemvWFDv8fRwYcgroj5PrjrugrX23DPo9YqGXqu8TnjHMQ0NgUNtrP6GBP9QEhMpQ6mXl711fS0Dm_Egk7_N7WCUfjCSJlVC3Fi0rJjIvg79vEiV3WfD17SJRa8Y0sZxCIJtkMXCBEUjTUioPQo1MFoPXajkCMItGPYSX-vEO5rJ4jLhceZ9Oq7KZN6-jsCjN5Vb0RoNqMZFzE9pPde0966pwozmABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33JaVm33nEWucaFVJKeorSVvVuGA%26client%3Dca-pub-7312982849013924%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

40fcae5807bac6cf575e9bec4b5f8c03f6682fc991ba23d4ee1240af289a7e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 12:30:09 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=PTYYiMW63Ry3IhzcDrEbH1eM9-KhW7E79YKOUT43hv_a8mHCoDEcC9V-1UKocNF4jT0mZFGBrG6joDPCAeSQGILLT37NxSx1_BLmzQuguHQ8f7NKCOOpPo3GjSHQbF5v39SdueSR543afxYM7IpaHFiTLtX-zWqyiUXZ96aClxlez1fVnA_SZNHU3GmP0tPjaRVQTIPqjpdoYM9EaIG63a0zBuC62guZ2HUUez1HvOJCIO9A4pl-zeJVKgcjHscuP02zZw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 156185726
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK extra.js Show response
w.uptolike.com/widgets/v1/ 4 KB
3 KB 97ms
97ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.41079420150981316
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5b4cad3538d17eca467fce30e3540f81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a66766816b19c1350f98c9a686a25e2d84047b9b444e4f4929a60bf0b2fc85d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 12:30:09 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 21 Apr 2022 09:06:31 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

140 KB
50 KB

369ms
181ms

Script
application/javascript

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e30f68f37b990e436c976c44e0f1da8502758ef5b999e9ca7cdd4210ba7ac741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: br
last-modified: Thu, 02 Jun 2022 10:24:16 GMT
etag: "629865a0-c79c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 51100
expires: Fri, 03 Jun 2022 13:30:10 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK / Show response
subnine.ru/r/ 0
319 B 266ms
100ms Script
application/javascript 83.220.172.45
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://subnine.ru/r/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.41079420150981316

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.220.172.45 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1005.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:10 GMT
Last-Modified: Friday, 03-Jun-2022 12:30:10 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK / Show response
grsync.ru/cdn/ 0
319 B 307ms
95ms Script
application/javascript 92.63.105.49
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://grsync.ru/cdn/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.41079420150981316

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.63.105.49 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1010.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:10 GMT
Last-Modified: Friday, 03-Jun-2022 12:30:10 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK collect_stat.js Show response
af.click.ru/ 874 B
1 KB 263ms
85ms Script
application/javascript 217.197.112.80
E-STYLEISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://af.click.ru/collect_stat.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.41079420150981316
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.197.112.80 Moscow, Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS: seopult.ru
Software: nginx /
Resource Hash: 39858aef5dd68cd70768b55701f54801b4124de8b60a17cdf4086f78631602a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:10 GMT
Last-Modified: Wed, 30 Mar 2022 12:02:19 GMT
Server: nginx
ETag: "624446cb-36a"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 874

GET
H2 200 fa287546e1d5bd0678894d5c227e456c.js Show response
www.gstatic.com/mysidia/ Frame 9E94 10 KB
5 KB 133ms
41ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 20:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4351
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 20:23:27 GMT

GET
H2 200 327a2f53e8b7ae59adc1a35b4c015d49.js Show response
www.gstatic.com/mysidia/ Frame 9E94 134 KB
50 KB 135ms
44ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2966fd929f6ef5ac5b30eb42f2eff08724c7f2a0b7a653dea0aa0d6995d6ab85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 01:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50844
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 01:42:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9E94 8 KB
1 KB 140ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 12:29:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 03 Jun 2022 12:30:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jun 2022 12:30:10 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 9E94 2 KB
904 B 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:28:39 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 9E94 21 KB
9 KB 135ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:28:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 9E94 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:28:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E94 138 KB
42 KB 154ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 12:30:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 9E94 17 KB
7 KB 137ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:28:31 GMT

GET
H3 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame 9E94 31 KB
13 KB 126ms
41ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 29 May 2022 20:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 20:23:28 GMT

GET
DATA 200
OK truncated
/ Frame AE7E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6af14e1e591967bc4e1c900b7592c805a78517f0ad29193f6ca5147ee11f0e2d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C788 2 KB
1 KB 166ms
54ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ypn-0QACTvAIFVZLAAeQOPjtAVQth-I0m3VnGQ&u=%7COu6A3hTQZUSOsGtnveQa9oJv1d4X4A6CE5qO9cXe%2F24%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY7bpRBgfvQocaCCQXGU6_SLHTqOqX5o_sdrmox3hMN3oXuaFRlNakDgFQkYm0_yxLGVohZEHc8en4CJEZa2nXPqEvp6xJyl_ONokwFnyH9Rcam88nBim1b_MNmJ1YDuzfo3FbueKyGAfUOKxATeTZmN1Sb-QSQmBoH0rb73FWYjSphqjtP2IvPeoEdYKCcVFSoOuREAFXhdazlCmjXusKhTPo9-v8CT9LlVSr3WKTRFD1RH1HAQx6UtGJgpAWJjzd2lpiiJqwnOe4ZKh5wIZFKSnZTGs2lmj7XD1mZhOPPA130kTMuE6TYemEzh3JwAV9Y_WAcmqlnChDM3vhia6cvnO3FIOybBlrylr4Hm5IB40jwr_6WdSN_LGd-87mUopcG_KOR5UGsIc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOtNj0f6ZYvCdCcus1fAPuKCesA_kj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi03MzEyOTgyODQ5MDEzOTI0oAG91IjrA8gBCakCRBT0l3QZtT6oAwGqBMIBT9CAu7gTLDW8jHzrXqRP81V7ja6itpJ2mTAgcdzgemvWFDv8fRwYcgroj5PrjrugrX23DPo9YqGXqu8TnjHMQ0NgUNtrP6GBP9QEhMpQ6mXl711fS0Dm_Egk7_N7WCUfjCSJlVC3Fi0rJjIvg79vEiV3WfD17SJRa8Y0sZxCIJtkMXCBEUjTUioPQo1MFoPXajkCMItGPYSX-vEO5rJ4jLhceZ9Oq7KZN6-jsCjN5Vb0RoNqMZFzE9pPde0966pwozmABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33JaVm33nEWucaFVJKeorSVvVuGA%26client%3Dca-pub-7312982849013924%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 May 2023 12:30:10 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame C788 2 KB
1 KB 168ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 May 2023 12:30:10 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C788 308 B
636 B 166ms
54ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 29 May 2023 12:30:10 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C788 293 B
621 B 166ms
55ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 29 May 2023 12:30:10 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame C788 43 B
348 B 127ms
40ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=VCRazYcx9605_4K3nDuWYMfrlw518lVFdnJBxK00oFgpjygEXW80T15oI3ZcR3Y_-jLf1kSPUhdF1S9bEdT4lv13jONnc-wJhcnbA3YmH6gNJkz-O1bv4WBieuF3w1ZPdkahCXiOskg2EBER7mX72nMKms8SlxL9Owk7_QEh_Y7OzAxxyAh1_FEB_3CbgBzhKtn0w1-icKG8MM2qOuS1mHOdRxlh4VeBEwPk3GFoWC____2s67S5CAt1eKr1ee1yN_bNymOe2OCyqBjDDJoSSFAe7iz8sS0QtyJG-YB0uNoDoPTXXLzR261zC03HYMWtM7iPD4YS3hFQV-uH5plXe0PnspbokMI3YZDlultHNku3EULZB9I2DajfKFYCzdkDky8oEblkC_qkBkBTFPKLL4BqFQP2TYnK3jK9wGpXwC8Qiz8pWW-hjggwb9rwfyrMvyerog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:09 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2916667
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame 9E94 2 KB
2 KB 41ms
41ms Image
image/png 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 18:13:44 GMT
x-content-type-options: nosniff
server: cafe
age: 65786
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
etag: 9923804599063086578
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2033
x-xss-protection: 0
expires: Fri, 03 Jun 2022 18:13:44 GMT

GET
DATA 200
OK truncated
/ Frame 9E94 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C788 12 KB
5 KB 163ms
55ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4351388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nt8w%2BLXryxPLfkl2MZZz9gl6O8W05gp%2B%2Bk%2BSriLyJwkxAcOiktgoRqz2tL2cTNMlxBP7Q4pVine%2FwkUR%2FOwsiXInt5bBX55OR6O7d7g5F3f%2F2pF5KAuhQAr5UAkAaBseS3Eh%2FLrwGHisO0PGtVOF55pB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 715870421c0dcc36-ZRH
expires: Wed, 24 May 2023 12:30:10 GMT

GET
H2 200 140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame C788 27 KB
28 KB 223ms
112ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 16:51:34 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e175a16-6d58"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 May 2023 12:30:10 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9E94 0
327 B 758ms
113ms Ping
image/gif 172.217.164.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~l3yfca1t&c=247930001901&slotId=123965000950.5&qqid=CPDJy8OkkfgCFTOwcQodjcgM9Q&sei=44729911%2C44730425%2C44730426%2C44731965%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.164.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: iad30s24-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17817638767438986732/ Frame 9E94 140 KB
140 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17817638767438986732/downsize_200k_v1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46e7e46afa20576db026389b39acc1b288acb7f6c2f697bb7c6bdda087caf7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 12:35:01 GMT
x-content-type-options: nosniff
age: 86109
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143812
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 03:29:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Jun 2023 12:35:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9E94 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChZq_0f6ZYrCdCbPgxgONkbOoD6PD6fhl4OTYgusPr4G649cCEAEg7J2FHmC7hoCA0AqgAf3e6_YDyAEJqQIMQO-2xhi1PqgDAcgDywSqBOMBT9BJFQhmkPtFN-iSmsuCYTqTyHrKOEbmQoTXoCXf0ti_xJXIfsixkWSsZqiEdLZOIe3sPt5F8MxtiKyIre-SLnhZECiDSVCqIhhILlB0UDHCYmL-9sfL5nrepASwFwWe6n1W-PIRfnLTDnIsbtes_4hcCKH-M7D_wiVsmWYNIIHQZnbgn2VfI7mtvw-jfgBydSMP3stIfxPQPC2H59Zqd6D8TCpME_evfw9mPCNBKPeNW80AtPSnjWDOjHPx54UuzJ8maKBtUpd0m_cDKf8ucHyS-n34f-A5IK5FPCklOWrsqoPABI-S5IvrA5IFBAgEGAGSBQQIBRgEoAYugAfroJQJqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQgYoP0ggJCIDhgBAQARgfgAoByAsBuBOcG9gTCtAVAYAXAbIXHAoaCAASFHB1Yi03MzEyOTgyODQ5MDEzOTI0GAA&sigh=7ORSs7KwjhE&uach_m=[UACH]&template_id=3484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 03 Jun 2022 12:30:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

206

videoplayback
r3---sn-aigzrner.gvt1.com/ Frame 9E94
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=778e74139905dfa9&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1654266609&sparams=ip,ipbits,expire,id,...
https://r3---sn-aigzrner.gvt1.com/videoplayback?id=778e74139905dfa9&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654266609&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

665 KB
665 KB

334ms
269ms

Media
video/mp4

2a00:1450:4009:1::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-aigzrner.gvt1.com/videoplayback?id=778e74139905dfa9&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654266609&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5CAF61CB81D9F3E02C1BE761E1DC8D3D5B5CE3CF.8286135EF98A3CF16E89B299C1D12583F9730E27&key=cms1&cms_redirect=yes&mh=Xg&mip=2001:ac8:21:e::6&mm=28&mn=sn-aigzrner&ms=nvh&mt=1654258294&mv=u&mvi=3&pl=48

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Server

2a00:1450:4009:1::9 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0328a58071eb93f2dc50fbb22fb6f846e386a6dbde75e1578b30527a8418fb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 28 May 2022 18:27:23 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-681024/681025
client-protocol: quic
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 681025
expires: Fri, 03 Jun 2022 12:30:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:10 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-aigzrner.gvt1.com/videoplayback?id=778e74139905dfa9&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654266609&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5CAF61CB81D9F3E02C1BE761E1DC8D3D5B5CE3CF.8286135EF98A3CF16E89B299C1D12583F9730E27&key=cms1&cms_redirect=yes&mh=Xg&mip=2001:ac8:21:e::6&mm=28&mn=sn-aigzrner&ms=nvh&mt=1654258294&mv=u&mvi=3&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 703
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9E94 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c580cc0de1429979dc699846c2bee1a61a4806069073d93b5b32ff67b8933b81

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C788 12 KB
6 KB 56ms
56ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 May 2023 12:30:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C788 8 KB
9 KB 120ms
37ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=268&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=596&s=rPgVQY602X_BKrV5qs1gPp-j

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

eff97737eabf85a30fe5e25199ac4731471008fe482c9a50fcc8ae62faaa800d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30914347
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8452
expires: Sat, 27 May 2023 07:49:17 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C788 0
128 B 119ms
36ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=PTYYiMW63Ry3IhzcDrEbH1eM9-KhW7E79YKOUT43hv_a8mHCoDEcC9V-1UKocNF4jT0mZFGBrG6joDPCAeSQGILLT37NxSx1_BLmzQuguHQ8f7NKCOOpPo3GjSHQbF5v39SdueSR543afxYM7IpaHFiTLtX-zWqyiUXZ96aClxlez1fVnA_SZNHU3GmP0tPjaRVQTIPqjpdoYM9EaIG63a0zBuC62guZ2HUUez1HvOJCIO9A4pl-zeJVKgcjHscuP02zZw&sds=2&rev=81696&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Jun 2022 12:30:10 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C788 2 KB
1 KB 55ms
54ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 May 2023 12:30:10 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C788 2 KB
1 KB 56ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 May 2023 12:30:10 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9E94 28 KB
28 KB 132ms
42ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 20:40:28 GMT
x-content-type-options: nosniff
age: 143382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 20:40:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9E94 0
54 B 631ms
114ms Ping
image/gif 172.217.164.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~l3yfca21&c=247930001901&slotId=123965000950.5&qqid=CPDJy8OkkfgCFTOwcQodjcgM9Q&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffa287546e1d5bd0678894d5c227e456c.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.164.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: iad30s24-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9E94 0
45 B 631ms
115ms Ping
image/gif 172.217.164.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=3~l3yfca5q&c=247930001901&slotId=123965000950.5&qqid=CPDJy8OkkfgCFTOwcQodjcgM9Q&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F327a2f53e8b7ae59adc1a35b4c015d49.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.164.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: iad30s24-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9E94 0
54 B 630ms
114ms Ping
image/gif 172.217.164.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=4~l3yfca5r&c=247930001901&slotId=123965000950.5&qqid=CPDJy8OkkfgCFTOwcQodjcgM9Q&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F1a132ce94651f9fd8f1d4e10540034d5.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.164.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: iad30s24-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/23414332/
Redirect Chain

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozorr03fcecccg%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozorr03fcecccg%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8...

338 B
420 B

98ms
97ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozorr03fcecccg%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A813%3Acn%3A1%3Adp%3A0%3Als%3A1423245976184%3Ahid%3A308773828%3Az%3A0%3Ai%3A20220603123010%3Aet%3A1654259410%3Ac%3A1%3Arn%3A787322647%3Arqn%3A1%3Au%3A1654259410469659215%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654259407519%3Ads%3A168%2C75%2C78%2C74%2C0%2C0%2C%2C715%2C12%2C%2C%2C%2C1111%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654259410%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

df15b9bdd7bc85796a44ddeb6ba52d21315baa6e7e16f6dfa707c11d98266fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 03-Jun-2022 12:30:10 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://westudents.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Fri, 03-Jun-2022 12:30:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:10 GMT
last-modified: Fri, 03-Jun-2022 12:30:10 GMT
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozorr03fcecccg%3Afp%3A1111%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A813%3Acn%3A1%3Adp%3A0%3Als%3A1423245976184%3Ahid%3A308773828%3Az%3A0%3Ai%3A20220603123010%3Aet%3A1654259410%3Ac%3A1%3Arn%3A787322647%3Arqn%3A1%3Au%3A1654259410469659215%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654259407519%3Ads%3A168%2C75%2C78%2C74%2C0%2C0%2C%2C715%2C12%2C%2C%2C%2C1111%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654259410%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://westudents.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 03-Jun-2022 12:30:10 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 91ms
91ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
last-modified: Thu, 02 Jun 2022 10:24:16 GMT
etag: "629865a0-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Jun 2022 13:30:10 GMT

GET
H2 200 share.php Show response
vk.com/ Frame 505A 22 B
480 B 233ms
82ms Script
text/html 87.240.190.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fwestudents.com.ua%2F&callback=callback__utl_cb_share_1654259410746816

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv67-190-240-87.vk.com

Software

kittenx / KPHP/7.4.111279

Resource Hash

fd85cbb53220f64d9ed87abf4752bfa0a8b3fb7e8167fce81afe0d792286e079

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: gzip
x-frontend: front224007
server: kittenx
x-powered-by: KPHP/7.4.111279
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 42

GET
H2 200 share.php Show response
vk.com/ Frame 505A 21 B
478 B 233ms
83ms Script
text/html 87.240.190.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dvk&callback=callback__utl_cb_share_1654259410747143

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv67-190-240-87.vk.com

Software

kittenx / KPHP/7.4.111279

Resource Hash

c81398918e0bafaceb0a1258dffe47660ae7d56c672b0d188e54ab620f9dccd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: gzip
x-frontend: front224007
server: kittenx
x-powered-by: KPHP/7.4.111279
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 dk Show response
connect.ok.ru/ Frame 505A 25 B
2 KB 428ms
113ms Script
application/javascript 217.20.155.208
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fwestudents.com.ua&callback=callback__utl_cb_share_1654259410747441

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip208.155.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com .yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adlooxtracking.ru .adsafeprotected.com .serving-sys.com .serving-sys.ru .weborama.fr .weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:11 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dk Show response
connect.ok.ru/ Frame 505A 25 B
2 KB 462ms
147ms Script
application/javascript 217.20.155.208
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dok&callback=callback__utl_cb_share_1654259410748823

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip208.155.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com .yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adlooxtracking.ru .adsafeprotected.com .serving-sys.com .serving-sys.ru .weborama.fr .weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:11 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ Frame 505A 86 B
331 B 203ms
108ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fwestudents.com.ua%2F&callback=callback__utl_cb_share_1654259410748162

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

00e2d1396eb1220f63eaa9f79efe812ef3631d140a7a5a9ccb395ef84db346fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
x-content-type-options: nosniff
x-cdn: fastly
age: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1966762602410400
content-length: 86
expires: Fri, 03 Jun 2022 12:45:10 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ Frame 505A 96 B
145 B 205ms
110ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dps&callback=callback__utl_cb_share_1654259410748140

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b96a6274c1c9ddc5cbdbff94e1c89e43c196fea5d5031b7c18fe2c8c204c07dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:10 GMT
x-content-type-options: nosniff
x-cdn: fastly
age: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-pinterest-rid: 6386748154072484
content-length: 96
expires: Fri, 03 Jun 2022 12:45:10 GMT

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame 505A 83 B
670 B 320ms
87ms Script
text/javascript 94.100.180.55
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=mrc__shareInit193&url_list=http%3A%2F%2Fwestudents.com.ua%2F&callback=callback__utl_cb_share_165425941074814

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.55 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

4a5d4919e6afc158b8e4a02067b551797c7741cd43029f3fe888645cb0b5f51c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:10 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 83
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame 505A 93 B
680 B 382ms
110ms Script
text/javascript 94.100.180.55
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=mrc__shareInit238&url_list=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dmr&callback=callback__utl_cb_share_1654259410748608

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.55 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

0dbcc9d9fa3b74d5338c9c83393801ae8fffda2a25cf45b851f64b027ab85a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 12:30:11 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 93
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1 200
OK support.html Show response
w.uptolike.com/widgets/v1/zp/ Frame 394A 14 KB
4 KB 96ms
96ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp/support.html
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5b4cad3538d17eca467fce30e3540f81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 03 Jun 2022 12:30:10 GMT
Expires: Fri, 03 Jun 2022 13:00:10 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9E94 42 B
64 B 55ms
54ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CFwky0f6ZYrCdCbPgxgONkbOoD6PD6fhl4OTYgusPr4G649cCEAEg7J2FHmC7hoCA0AqgAf3e6_YDyAEJqQIMQO-2xhi1PqgDAcgDywSqBOYBT9BJFQhmkPtFN-iSmsuCYTqTyHrKOEbmQoTXoCXf0ti_xJXIfsixkWSsZqiEdLZOIe3sPt5F8MxtiKyIre-SLnhZECiDSVCqIhhILlB0UDHCYmL-9sfL5nrepASwFwWe6n1W-PIRfnLTDnIsbtes_4hcCKH-M7D_wiVsmWYNIIHQZnbgn2VfI7mtvw-jfgBydSMP3stIfxPQPC2H59Zqd6D8TCpME_evfw9mPCMDKsYf8T_YgSx_r9JGpMR5z3Talmz6Mbxn7p1fg1_D6cr2iuGD1GVH0HARlwTSKAU9hoEA8HCefSPABI-S5IvrA6AGLoAH66CUCagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH7EJmhDianUH1yyACgGYCwHICwHgCwGADAG4DAG4E5wb2BMK0BUB-BYBgBcB&sigh=Uy5JX0aAcfo&cid=CAQSGwCNIrLMS_4mBQ8jgeNoSKSQr5NCufTyipDSTQ&label=adresume

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9893 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 12:10:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 138ms
54ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220601&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84e4ccd225e4f8e4c24d671e4563899b29a8bf49abfaa7acf91a2a7e332a470e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jun 2022 12:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10654
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE7E 42 B
64 B 81ms
81ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT3eZMoYLNX0Xo4QwnFqH_pET-eTimeNQbWyGZA4sJ0QrSsDvjyUrgskXFEIPXzxtX5c7F9k8t-KpNRRMrquAHAQ&sig=Cg0ArKJSzF2guqjT1A6gEAE&id=lidar2&mcvt=1001&p=0,0,600,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1667669443&rs=2&la=0&cr=0&vs=4&r=v&rst=1654259409051&rpt=908&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content upd Show response
w.uptolike.com/widgets/v1/ Frame 505A 0
154 B 101ms
101ms Script
text/plain 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/upd?id=vk&pid=1350981&url=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dvk&c=17&callback=callback__utl_cb_share_1654259410981268
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?5b4cad3538d17eca467fce30e3540f81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 03 Jun 2022 12:30:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9E94 42 B
64 B 56ms
55ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1654259409&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1654259408863&bpp=2&bdt=1021&idt=177&shv=r20220601&mjsv=m202206010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6429116641090&frm=20&pv=1&ga_vid=465801693.1654259409&ga_sid=1654259409&ga_hid=579715465&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C44760912%2C31067628%2C31067864&oid=2&pvsid=4382588866813175&pem=696&tmod=1872505799&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wNgC9STeOO&p=http%3A//westudents.com.ua&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 12:30:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4314 13 KB
5 KB 41ms
41ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 12:10:38 GMT
expires: Sat, 03 Jun 2023 12:10:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1EC9 783 B
1 KB 144ms
52ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c484090fb3c20288fea544815ecec255966f695c6f7b0bb819075f767dd99f0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-exGJ73huWIdS8iHlTBKl5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-exGJ73huWIdS8iHlTBKl5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 12:30:11 GMT
expires: Fri, 03 Jun 2022 12:30:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4314 36 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 12:10:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1EC9 0
0 109ms
109ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220601&jk=4382588866813175&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4314 0
9 B 41ms
41ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NZlGag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:30:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame C788 0
127 B 36ms
36ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Jun 2022 12:30:11 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9E94 42 B
64 B 89ms
88ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNWGSkDajsVSpmB59_8xgv5FFrd35lrxHjoN8Oq8OCN2HsoptvM_gRmZLhkaJIMcQT2cHS6DcCLZYsskk2XeMFH6hWuI8-O_mUPPULpv1EtIiMZQOD05U3ycAX&sai=AMfl-YQBZXqlm-dLy8V81XTU01COTkQtimrJzmjFFyKXi5Al6hreAwVFHSzgc-lBlHVZMpT49duxc03-3rPR&sig=Cg0ArKJSzCTJlvA-K_w3EAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3970222355&rs=2&la=0&cr=0&vs=4&r=v&rst=1654259409045&rpt=1719&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 116ms
115ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220601&jk=4382588866813175&bg=!RkWlRQHNAAao8wy8iPM7ACkAdvg8WoqYdP83Wo--4mblt_1rwQ8JQP1qIGf8_8cnm1Hc8WwSu0LoAwIAAABYUgAAAANoAQcKANkAvH4lPwIpbCxLdfxqTupNbHo7cuTQvviZVtgH6_4Tp785GfHOagNkyAVLYV_xApjmkrb23SneP_iigup73TZdSwxhJtNQ9MzzlRhohBcJ2mduQhNHqhj8a5KNA7GUIZtjEjAMW8M0sAf3AJVsHOPONp88MD4FDWz5BKEKe2TKdw-P3xpICq6tIn4f1cQGxTy8Fw3voqfybkRuArOfctWpZGbCCv1HzUGRfJzwpNF31URG6_qJx2Etik6fclQ_RQjxXZNixeVodMr0Mo21KtvHsFthowVb-XMsmQKeW753ERVBTM9CCVHyGyaPOne4OwF0FBQHXN8adI372Nhbu9gLj9zFotv3aSPlX7GPGF4DpVeS_uIFLfEqN7uv9jdbCS1iGFAzlu516PWNbWpAW1QOYF0nnVJ6ceKFsovbdp9tXO41omQSIwi5QJqTzGLRSWUdM7wxPG21gqRRpZPsDNGDtL5zSCcqN6MnrL8fgADBLojzsi4Ix5TXQjEMfxjb1_GEDMVYiWrZqdK0MXsQQl11Qtxsy4j6Qv9wBR7qd_wkhAVH9OOv5Z4Jxoo1HAXRcAoP44pVZHs6_qjoSMIP8hP2G9_fyhkuZocWRmhjnF7gAbbbO9SSjrg5jzzrCeYdiAt7s6yAFgZW4AduvQgNtWpUTz6cEb_bIa3FirQGvLkkcwCwGodFtgUZ1BOLE29jARXjpYDuQ19SYdw1Ex1s-w4lBsKsBNOE3aoCOiPkw8vq7VlUeD7llFsI4FZ5uxnCB6JF33y5jcP_RwDeaiOvywgRB0NgyNoT9dBr7typiIp2SZAWeVK0FdEs_J_SqR5f78fIiNEhHjvz0DFgbB-F4cVk-b-uapu6ve1CO48pRwnQnj3sv97mNTM3vqYbB2dqfPypeYZvVuOT26dmOKtzFK6sy51Ia1ImSesV-ZUYj4hUY_vzJ_BbFQnUS7cyjdleuN6WzznI9XVpYOuYZZ1X0ME3Pr_Bsm40VA13727MxYlWkdweL-o5yiFmocML_2PM8N2UjQbswHeMqqYq4_LMhM-4WhXmTqHf9uXXkKXY7VhKs1MQX5zX9GAxhkccQId_6qwcxfdiObKh6oqTltZjFZAU9dmDDdBOzCxDyKp6SR5iB3db87JRdO4xf_hefc6KI-4f0JJMkKAhdkUgI34r5D52GUujBVb-77Jaog
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 9E94 0
45 B 415ms
114ms Ping
image/gif 172.217.164.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=5~l3yfca5r&c=247930001901&slotId=123965000950.5&qqid=CPDJy8OkkfgCFTOwcQodjcgM9Q&dm=13000&event_name=first_play&asset_bytes=22976&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.l3yfcapl
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.164.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: iad30s24-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 12:30:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.westudents.com.ua/	1970-01-20 21:02:11	Name: _ga Value: GA1.3.465801693.1654259409
.westudents.com.ua/	1970-01-20 03:32:25	Name: _gid Value: GA1.3.2112827920.1654259409
.westudents.com.ua/	1970-01-20 03:30:59	Name: _gat_gtag_UA_109056477_1 Value: 1
.w.uptolike.com/	1970-01-20 21:02:11	Name: utl_id2 Value: 27660617830
.w.uptolike.com/	1970-01-20 21:02:11	Name: utl_dat Value: "CKbBrcySMBAAIKaS+NSSMCimkvjUkjAwAE+WoFn3QyUTIB5kl4F1umM="
.yadro.ru/	1970-01-20 12:16:07	Name: FTID Value: 1YcVxH2rrmOK1YcVxH0027rv
.westudents.com.ua/	1970-01-20 12:52:35	Name: __gads Value: ID=02678356c0c384b1-22985f14a6cd0082:T=1654259409:RT=1654259409:S=ALNI_MaN1ZeTwLL7wOcrE-HGmQ4R6MVvnw
.yadro.ru/	1970-01-20 12:16:07	Name: VID Value: 0XvR1d3SQLuK1YcVxH0027tL
.doubleclick.net/	1970-01-20 12:52:35	Name: IDE Value: AHWqTUl8rIitsIGORfc361YjJAMA7lGimwHsfecdh7Z3XtoDbbRWj13vHyO5CzY9aEc
.doubleclick.net/	1970-01-20 03:31:00	Name: test_cookie Value: CheckForPermission
.westudents.com.ua/	1970-01-20 12:16:35	Name: _ym_uid Value: 1654259410469659215
.westudents.com.ua/	1970-01-20 12:16:35	Name: _ym_d Value: 1654259410
.westudents.com.ua/	1970-01-20 03:32:11	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-20 12:16:35	Name: yandexuid Value: 6095192891654259410
.yandex.ru/	1970-01-20 12:16:35	Name: yuidss Value: 6095192891654259410
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1177195921654259410
.yandex.ru/	1970-01-23 19:06:59	Name: i Value: AnlqzL0Dye5QZOybe3a7vuMqiGIhSVfMUlXbgleIT5epxhcDDE/j0OVkVlbOeFqPoUlWiqewXUTznlxvx5xXFiwEHDM=
.yandex.ru/	1970-01-20 12:16:35	Name: ymex Value: 1685795410.yrts.1654259410#1685795410.yrtsi.1654259410
.vk.com/	1970-01-20 12:20:17	Name: remixlang Value: 3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
af.click.ru
api.pinterest.com
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
connect.mail.ru
connect.ok.ru
counter.yadro.ru
csi.gstatic.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grsync.ru
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
r3---sn-aigzrner.gvt1.com
redirector.gvt1.com
rtb.nl.eu.criteo.com
static.criteo.net
subnine.ru
tpc.googlesyndication.com
vk.com
w.uptolike.com
westudents.com.ua
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
151.101.128.84
172.217.164.131
178.250.0.139
178.250.0.160
178.250.0.162
217.197.112.80
217.20.155.208
2606:4700::6811:190e
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4009:1::9
2a00:1450:4014:80f::2008
2a02:2638:1::2
2a02:2638::3
2a02:2638::b
2a02:6b8::1:119
83.220.172.45
87.240.190.67
88.212.201.204
92.63.105.49
94.100.180.55
95.142.40.16
95.163.114.204
0000f2da5b41f0afdea3eb387de6032482859d0c2f2d54aa2ab57e104329dcf0
00e2d1396eb1220f63eaa9f79efe812ef3631d140a7a5a9ccb395ef84db346fe
0328a58071eb93f2dc50fbb22fb6f846e386a6dbde75e1578b30527a8418fb91
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aa2575b7e643dc9de5cba6a7a408906c4640ecaa8f3b7aed90b2dd02ee78028
0bb9a543d6729f51a883b23be6010e8211cebc56db711baa2b52de74107c8651
0dbcc9d9fa3b74d5338c9c83393801ae8fffda2a25cf45b851f64b027ab85a15
0eb6ba2177977aab704254dc0645233adb83dd560d7acebe8d2c4c4192368f0e
27357951e2762a8adf71c13ae7e0e03b5ecee8e87017238183e7cfffdb428f88
2966fd929f6ef5ac5b30eb42f2eff08724c7f2a0b7a653dea0aa0d6995d6ab85
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
39858aef5dd68cd70768b55701f54801b4124de8b60a17cdf4086f78631602a7
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
40fcae5807bac6cf575e9bec4b5f8c03f6682fc991ba23d4ee1240af289a7e7c
42e9385cea8164b34b0617860d86b6ba3844e4a92484d8d24142522d6df6a959
46e7e46afa20576db026389b39acc1b288acb7f6c2f697bb7c6bdda087caf7a5
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4a5d4919e6afc158b8e4a02067b551797c7741cd43029f3fe888645cb0b5f51c
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b6755fa117ce7885e5ef0c47fd833e6d6e9383bc173087ccaf7f80ae8053ceb
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
5461cd3752d76af082daaec1ae4b0605d92fa4da2e816924524906e4606771ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ef03d404ec29d9c8c4766a73f27e6dd748c23defc52450ae3672a71b8d439e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5da7aa3acc9315ec1623e904c09c7809e0206285f5f4d17ed710aad43e0c364d
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6144658b3b7c63f27a6f747a986f2247b6847424b5443256975efd2b4cb90dc0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4
6af14e1e591967bc4e1c900b7592c805a78517f0ad29193f6ca5147ee11f0e2d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
84e4ccd225e4f8e4c24d671e4563899b29a8bf49abfaa7acf91a2a7e332a470e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9556199b81d0d793d864ce2c6636e674ad0d2d38e6d3ba51f46c4d459f349941
97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a66766816b19c1350f98c9a686a25e2d84047b9b444e4f4929a60bf0b2fc85d8
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b1ad4292ce0a6cb20e77addd522f6fdb51772efa1e7f9bf1446ec538dec48272
b4571bd527507b8a235c5a7769175a7fce493c180c7041306d463512f325cdb6
b96a6274c1c9ddc5cbdbff94e1c89e43c196fea5d5031b7c18fe2c8c204c07dc
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276
c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2
c484090fb3c20288fea544815ecec255966f695c6f7b0bb819075f767dd99f0b
c580cc0de1429979dc699846c2bee1a61a4806069073d93b5b32ff67b8933b81
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c81398918e0bafaceb0a1258dffe47660ae7d56c672b0d188e54ab620f9dccd0
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
df15b9bdd7bc85796a44ddeb6ba52d21315baa6e7e16f6dfa707c11d98266fc2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e30f68f37b990e436c976c44e0f1da8502758ef5b999e9ca7cdd4210ba7ac741
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff97737eabf85a30fe5e25199ac4731471008fe482c9a50fcc8ae62faaa800d
f49bd72e6bae4d1803162659b45335d1f58883eb2bd4a10d808447ee1c66ac35
fbffe33a488d09abb53d523ef877c96c72806a18d9edca64974372554805c6f1
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
fd85cbb53220f64d9ed87abf4752bfa0a8b3fb7e8167fce81afe0d792286e079

westudents.com.ua Open in urlscan Pro 95.142.40.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

87 %HTTPS

56 %IPv6

25 Domains

34 Subdomains

34 IPs

6 Countries

1767 kBTransfer

3116 kBSize

19 Cookies

1 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

westudents.com.ua Open in urlscan Pro
95.142.40.16 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

87 %
HTTPS

56 %
IPv6

25
Domains

34
Subdomains

34
IPs

6
Countries

1767 kB
Transfer

3116 kB
Size

19
Cookies

99 HTTP transactions
4 data transactions