www.44.ua Open in urlscan Pro
2606:4700:3037::6815:3381 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://44.ua/
Effective URL:
https://www.44.ua/
Submission: On July 14 via api (July 14th 2022, 5:34:54 am UTC) from GB — Scanned from GB

Summary HTTP 137 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 21 domains to perform 137 HTTP transactions. The main IP is 2606:4700:3037::6815:3381, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.44.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 18th 2022. Valid for: a year.

This is the only time www.44.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 39	2606:4700:303... 2606:4700:3037::6815:3381	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	78.140.180.86 78.140.180.86	35415 (WEBZILLA) (WEBZILLA)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
5	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:9::210:ee09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:ef:... 2a02:26f0:ef:28a::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
2	213.254.244.108 213.254.244.108	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
137	29

39 2606:4700:3037::6815:3381 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

44.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.44.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.44.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)

cdn.sendpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.140.180.86 (Netherlands)

ASN35415 (WEBZILLA, NL)

content.mql5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:9::210:ee09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

animate.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ef:28a::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.108 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	44.ua 3 redirects 44.ua www.44.ua s.44.ua	1 MB
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	437 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 282	137 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 138 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	93 KB
8	gstatic.com fonts.gstatic.com p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com	78 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 376	133 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69 region1.google-analytics.com — Cisco Umbrella Rank: 2603	20 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 491 tps.doubleverify.com — Cisco Umbrella Rank: 494 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 10922	112 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 103	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81 ajax.googleapis.com — Cisco Umbrella Rank: 350	86 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	85 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	317 B
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2790 adservice.google.co.uk — Cisco Umbrella Rank: 4409	1 KB
2	adobe.com animate.adobe.com — Cisco Umbrella Rank: 50403	55 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	110 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8351	1 KB
2	mql5.com content.mql5.com — Cisco Umbrella Rank: 50709	11 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	122 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 957	639 B
1	sendpulse.com cdn.sendpulse.com — Cisco Umbrella Rank: 22136	2 KB
0	atdmt.com Failed ad.atdmt.com Failed
137	21

	Domain	Requested by
25	s.44.ua	www.44.ua s.44.ua
19	tpc.googlesyndication.com	www.44.ua googleads.g.doubleclick.net tpc.googlesyndication.com
13	s0.2mdn.net	www.44.ua s0.2mdn.net
12	www.44.ua	1 redirects www.44.ua
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	www.44.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google-analytics.com	www.googletagmanager.com www.44.ua
2	p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com
2	cdn.doubleverify.com	s0.2mdn.net www.44.ua
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.facebook.com	www.44.ua
2	www.google.com	1 redirects www.44.ua
2	region1.google-analytics.com	www.googletagmanager.com
2	animate.adobe.com	s.44.ua
2	ajax.googleapis.com	s.44.ua
2	connect.facebook.net	www.44.ua connect.facebook.net
2	counter.yadro.ru	1 redirects www.44.ua
2	content.mql5.com	www.44.ua
2	www.googletagmanager.com	www.44.ua www.googletagmanager.com
2	44.ua	2 redirects
1	tpsc-frc.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	googleads4.g.doubleclick.net	www.44.ua
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.co.uk	www.44.ua
1	stats.g.doubleclick.net	www.44.ua
1	cdn.sendpulse.com	www.44.ua
1	fonts.googleapis.com	www.44.ua
0	ad.atdmt.com Failed	googleads.g.doubleclick.net
137	33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
t.me
twitter.com
www.youtube.com
tg-milih-metallobaza.44.ua
welovemebel.44.ua
apteka911.44.ua
natalina.44.ua
hospice.44.ua
viagrushka.44.ua
s.44.ua
apps.apple.com
citysites.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-18` - `2023-06-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
1603358863.rsc.cdn77.org R3	`2022-05-13` - `2022-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.mql5.com Sectigo ECC Domain Validation Secure Server CA	`2021-10-30` - `2022-10-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-22` - `2022-07-21`	3 months	crt.sh
*.adobe.com DigiCert SHA2 Secure Server CA	`2021-12-09` - `2022-12-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.44.ua/
Frame ID: 5C91B969B90EED464623BA0E56A10A73
Requests: 58 HTTP requests in this frame

Frame: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Frame ID: B1D84616453DB5DA62B6D51713F12649
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: F3D298C1C32E19961A6B83D3A32A2C19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364
Frame ID: E8B848B82184AAD7BEDB1D352E40B059
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&adk=1812271804&adf=3025194257&lmt=1657776887&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.44.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886940&bpp=1&bdt=894&idt=369&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90&nras=1&correlator=2665598371543&frm=20&pv=1&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=378
Frame ID: DA291189E85EE801B1721595BF5F836E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886944&bpp=1&bdt=897&idt=377&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0&nras=1&correlator=2665598371543&frm=20&pv=1&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=idPUrIDID9&p=https%3A//www.44.ua&dtd=381
Frame ID: 6A38D511911C51B6A663C4AC41BAD18A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1657776887&psa=0&format=380x600&url=https%3A%2F%2Fwww.44.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886948&bpp=1&bdt=902&idt=385&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0%2C1200x90&nras=1&correlator=2665598371543&frm=20&pv=1&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3876&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mnRv8EnCZH&p=https%3A//www.44.ua&dtd=387
Frame ID: 197DC2FE00AAA224DE2A3CB98AA73415
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoyTMhbfkAfgdEcGo72LDYj1RjbCMJDhOhYtNQ13-zdy73yeobCMOulUkjBYb-cg77Pdn9U15MCwqUxjf6rYdiFJUeUYcvD5yKwNcLW6EsK1ZFvmonUL4FCGt_JtIcpo0-uE6ZUej1YfLY-shszcAva0Hvlw6v-0q8e07VteWl0XRb1NrZPrY-F6LSgY3lAHs18UMdvoH71P2j_W-gL8eP_ezOcG2MZwaeSXP2JEzcgSbB9i2RJAQwl_w7e3kCh7UdVYO16cCLGZaaWxVrJiQN0CbEIa_p747SEPPbkvs8pjugu8fsqVXGs1i6a6Sr3Holt3Tkk9v06CLJHy2hF45oCsJApyYk7QdKhWjYtvMMFPQAkBJCAkTTPOWhuQ9cp_aRhfoav1lhwP2fgvbmIU993IhA26ET9oxtISicfRvX-LJgTHtnQlZlSwZPhi62z_Lcs3dT74kv_BKn8EGC3m71oIFmdfofC-mB3Rb8r5OITIm25lJ3SOoUWOkt0GV5O6HL522d1A6jTy7oJmAwMEnNZbV73GZg9cJItrMpXprzX6DXxnYbcsH5ACOwvF3ScP7j7KkjUsWK2lv54Gz53z0xu0m78p_oJqwfP0JHvOPpU43DV1Hu4bFWGoitaT-wPXkmBIFW8hmx3IzhKtPMrb7qfdslpmDK-biTjLQ2s9hFmmdtUaQJfsetXHhqv24zHRFFhZodwF2aVHMQNjlJXC06IC2x3pAbqV64Gvs56102ZhTEO5MU5OmUktW4Zyecm8ZkinV6fKDBEG_6ghs8-rZJij1eLqr4vQ3lcBXfFWR0afaMBDqSdpsj5GWO0l-2iACCTwPkcPmrKZ-2i5vBxIOgDo1MlDEKz3QM3l6XVmSvx1szCscgG0W-9Lmt25wycJlu8J2qJzEKYJ9ooylBvVE8892CzaUEltsLx2D2IGmA6SppF27jCSEz-zjGSKldIOpGsna8OpDu93x2Uj-mDdUGexYlMPD53FNWQER7xDmTh5wWEZo8gwhli1fst-nXACfCPpREGXA7ly1ZyU-rammEWOFtScufTVUE6Q&sai=AMfl-YQjKjUiWbUAvxNWljF2_KK3qjSsHM_AwnAIIM6TZaR9Cx6dbCU_FWV43A&sig=Cg0ArKJSzPr9OLrYiiUBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: B9F453DEEAD1F59E7F9653D770889668
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012206162023000/amp4ads-v0.mjs
Frame ID: EE5252A387C880DD8D9B5D2C706C47D4
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 776E773786AF6172356DE53630B3A68B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6F07EE1E63473DA60E1055D7CF52387B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/index.html
Frame ID: 2473FA9B60E2AF2DDBCA2C9791672C9A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6C2FEC44F00E07AE7F0B037463D75B8B
Requests: 2 HTTP requests in this frame

Frame: https://p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 69D2C8A3C978B9A631A2C58EA24064F1
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2909.js
Frame ID: 0374EF1BA827BFD47E6F66D747C4C11E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Frame ID: 9DD2E667AFE2075BF892A22BD8C8471C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сайт Києва 44.ua - головні новини і події міста

Page URL History Show full URLs

http://44.ua/ HTTP 301
https://44.ua/ HTTP 301
http://www.44.ua/ HTTP 301
https://www.44.ua/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

137
Requests

98 %
HTTPS

79 %
IPv6

21
Domains

33
Subdomains

29
IPs

6
Countries

2889 kB
Transfer

6991 kB
Size

15
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Kiev44.ua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kyiv_44.ua/

Search URL Search Domain Scan URL

URL: https://t.me/news44ua

Search URL Search Domain Scan URL

URL: https://twitter.com/kyiv44ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCQLBnB-FgPvujY964D6tV5A

Search URL Search Domain Scan URL

URL: https://tg-milih-metallobaza.44.ua/
Title: ТГ Милих, листовой металлопрокат, металлобаза +380(56)370-25-12, +380(67)524-68-46, +380(67)640-14-63, +380(56)232-03-93, +380(56)370-25-14, +380(56)370-25-13

Search URL Search Domain Scan URL

URL: https://welovemebel.44.ua/
Title: WeLoveMebel - больше чем мебель +380(96)059-71-71, +380(95)715-56-76, +380(93)715-56-76, +380(44)334-64-97

Search URL Search Domain Scan URL

URL: https://apteka911.44.ua/
Title: АПТЕКА 9·1·1 0800 505 911

Search URL Search Domain Scan URL

URL: https://natalina.44.ua/
Title: Наталина, древнее венгерское гадание +380(97)320-72-42

Search URL Search Domain Scan URL

URL: https://hospice.44.ua/
Title: Hospice +380(68)645-73-11

Search URL Search Domain Scan URL

URL: https://viagrushka.44.ua/
Title: Інтернет-магазин VIAGRUSHKA. Засоби для потенції +380(98)159-52-39

Search URL Search Domain Scan URL

URL: https://s.44.ua/upload/files/app-world-production-release.apk

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ua/app/citysites-global/id1417356016?l=ru

Search URL Search Domain Scan URL

URL: https://citysites.ua/franchise
Title: Франшиза "CitySites"

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://44.ua/ HTTP 301
https://44.ua/ HTTP 301
http://www.44.ua/ HTTP 301
https://www.44.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://counter.yadro.ru/hit;44ua?r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.9435378689782348 HTTP 302
https://counter.yadro.ru/hit;44ua?q;r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.9435378689782348

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

137 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.44.ua/
Redirect Chain

http://44.ua/
https://44.ua/
http://www.44.ua/
https://www.44.ua/

376 KB
71 KB

800ms
800ms

Document
text/html

2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 494cc4d27936c91c48353be457ed030343972639adfa86d24c794d65da9d9c49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72a7e41cef8c776b-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 14 Jul 2022 05:34:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyw%2BjqOhYdugB13%2BfvaOhC9knXj%2BSfXEyNRu0M%2FFMiArZGdrZL0m9dcedDwrAugoXWIZ7IxVEuM4Y3QRRXAOPGMCdE3r4E5UHdxGEA57a9cx5Oju%2BpdqgyMswjXEfNSg3XSkUytPVjs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

CF-RAY: 72a7e41c8f4788ad-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 14 Jul 2022 05:34:45 GMT
Expires: Thu, 14 Jul 2022 06:34:45 GMT
Location: https://www.44.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kh9TlI3Dx0%2B9So%2BTLZz70BMRR6%2FUJrAffuBpEiIVoQDFEwlnwycJo39PimYX6Itx3q9vrGgDVEgEyo2g%2FkMYmUBWbxe8QDMlC0jMnVeawM7jeTPZfq9qzg1M1zABuZWA9xLgVa0WQ4o%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 179ms
62ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 04:23:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 05:34:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 05:34:46 GMT

GET
H2 200 styles.7d8e5a5a1389165f513c.css
www.44.ua/ 79 KB
15 KB 56ms
55ms Stylesheet
text/css 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/styles.7d8e5a5a1389165f513c.css
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dc6a25c67652e0c543e6726ef605bb3a842a42f483bca64d315c9affa8d3cbdf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 405057
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 09 Jul 2022 10:41:32 GMT
server: cloudflare
etag: W/"13bdc-181e28cdf60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GI2ic6jO8SnjNfNsH23jovTc3tioTbiAg%2BYKKV%2FR67ppYFt2JO3ySTjitobi9zb0pv9wnvNMSjKOJfd0XnncBuMTA98Zgs1lLjoboNvu0ZwU99iPFVmBhxjxLKv%2FFe7Z17Mv7e4%2BanI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72a7e421ff64776b-LHR

GET
H2 200 cap.jpg
www.44.ua/dist-assets/images/ 629 B
968 B 51ms
51ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.44.ua/dist-assets/images/cap.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1f45ec49ef8ba141166495912187578b9fd5b0a8e09f26ad217a51aa03d9e8c4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9046063
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 629
last-modified: Wed, 23 Feb 2022 07:49:59 GMT
server: cloudflare
etag: W/"275-17f258ef058"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmBMiQodytMtNNd74DSy813mwUrA44Dy89VL%2FWYlVqbm9lK4MiuorkAA5Z9PHZJbdBtf0vGA0Z0ETfqyjX2mUfsWrg1JuOlOu%2FJIptoDP8MZqfPuwvI5atFysgU4cHtD0mKmHTgJdxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72a7e4221f92776b-LHR

GET
H2 200 email-decode.min.js Show response
www.44.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 47ms
46ms Script
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.44.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Jul 2022 19:29:15 GMT
server: cloudflare
etag: W/"62c8858b-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13urFKthdlvcoc2UKM1354leaJJe7tocHdkocCQDru8i2xNIAc94DUAVib1%2Ff2Zt2MIDeP1tkLQxasfrxCCAmI4r8ilKsHDq8QoYoa3gr%2Bk1rnML9QrFYRxmnBF3IFIu3kiMXKA%2BDZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72a7e4221f96776b-LHR
vary: Accept-Encoding
expires: Sat, 16 Jul 2022 05:34:46 GMT

GET
H2 200 runtime-es2015.791a2c0d1ce08a0a7636.js Show response
www.44.ua/ 2 KB
2 KB 54ms
53ms Script
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/runtime-es2015.791a2c0d1ce08a0a7636.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 206bc1426917dc07b0ff430cda7ee9b7bc5a7159476d5b0352f7b1cec58652c4

Request headers

Referer: https://www.44.ua/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54109
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Jul 2022 14:13:36 GMT
server: cloudflare
etag: W/"987-181f7e87680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvCimONoReE4ye5V65VdK1abI3vJja0P5Mbf2dO9rn3YApTnIS6dwxo7xmoi26l7gXUXmJIacI%2B5bZI6hQTPczFtM7UfNf1q%2FdTgNCiC2n5v7FdhcNw%2BqWEgfL5zQL1bnR3%2FiULiQn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72a7e4221f9c776b-LHR

GET
H2 200 polyfills-es2015.b2765e0adb0cb550e072.js Show response
www.44.ua/ 37 KB
13 KB 54ms
54ms Script
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/polyfills-es2015.b2765e0adb0cb550e072.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6088e1e4c947d8629864ebef4328c11cd9cb780cfe8d4024e82e7b90a9f02c4c

Request headers

Referer: https://www.44.ua/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79950
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 11 Jul 2022 10:07:22 GMT
server: cloudflare
etag: W/"9326-181ecba4f90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dREdCtVyDee0zqLO0K0s%2B1t%2B6G26f23YOTg%2BOK0XuyqaqT8PLugJrnHWR2jcKvcoYvZDSXw6n0JPADmLuGBNtL%2BlvaRBXtxrVKVJufUMgJpEezpPlC1PV3VIuxaz%2FQku5P0u6hzW97o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72a7e4221f9e776b-LHR

GET
H2 200 main-es2015.2044aab7fb7b27c7adac.js Show response
www.44.ua/ 1 MB
389 KB 69ms
69ms Script
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/main-es2015.2044aab7fb7b27c7adac.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4cf87b6154014c6e1f85744ca77b88b2b56c4a10cc32713562bb4605d31e0f73

Request headers

Referer: https://www.44.ua/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54109
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Jul 2022 14:14:09 GMT
server: cloudflare
etag: W/"176b90-181f7e8f768"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5juKh1vQOwpRF1P9Ubaijk3bCl8l6YapBjyD3M2Rm3vHSwgtL59zG5MuKKwZe1W%2BW%2FajVPiefnd157bCc8CawVfu0Sk0WO0yRXzbSAP8Efzm67m%2BLIuU8AaJ0y%2Fvaa8VYL5BkI3GyE0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72a7e4221fa0776b-LHR

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 170ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 22:17:29 GMT
x-content-type-options: nosniff
age: 112637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 22:17:29 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 246ms
130ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 22:18:51 GMT
x-content-type-options: nosniff
age: 112555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 22:18:51 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 265ms
149ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 22:18:51 GMT
x-content-type-options: nosniff
age: 112555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 22:18:51 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCAYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
9 KB 178ms
70ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCAYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6618b9e896668a4f31412b7be6751c198a88b157fc056d4932e41e7f6d38acf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 23:02:06 GMT
x-content-type-options: nosniff
age: 109960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9260
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:19:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 23:02:06 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
10 KB 215ms
109ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 22:27:16 GMT
x-content-type-options: nosniff
age: 112050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9692
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 22:27:16 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
9 KB 222ms
119ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad7b38d9f963e0eb028bda9b8394ccd0077fc06bf69fe02675943b2f9ff0e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.44.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 22:59:54 GMT
x-content-type-options: nosniff
age: 110092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9592
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 22:59:54 GMT

GET
H3 200 check-login Show response
www.44.ua/api3/auth/ 4 B
676 B 100ms
100ms XHR
application/json 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/api3/auth/check-login
Requested by: Host: www.44.ua
URL: https://www.44.ua/polyfills-es2015.b2765e0adb0cb550e072.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.44.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jVV8dFikjN5AnP%2BWkmDWELJoxBcUmH7cdvR8rnj054mFjxu9t5hbleBCzGneIWob0EnrURiaSdqLA5x3voLOIqCFEUlEbvrkqyryeaVfNbp0vJK1eSTZAYBhXGx67dB83aeu6fMnmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-expose-headers
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 72a7e423da8388b0-LHR
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 common-es2015.df507a8b061d69d1e913.js Show response
www.44.ua/ 7 KB
3 KB 97ms
96ms Script
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/common-es2015.df507a8b061d69d1e913.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/runtime-es2015.791a2c0d1ce08a0a7636.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 61eca17309586ff4b8a5463713a06052de061009c9ce335941e330a98b950060

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79949
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 11 Jul 2022 10:07:23 GMT
server: cloudflare
etag: W/"1a0b-181ecba5378"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLvp4%2FtlGmu4bZxcYoEmFEhSe5Jn%2B7kcc91GJZFRO36GKqIKtcM250J0T2zyCbHGG9TuC3gqPMYItcR%2BcbRMpLi0Yet2JoXsdUAJlAD%2Ba2EpfW%2FOox3AiYC401L0fTk6akhE2SfCOCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72a7e423ea8588b0-LHR

GET
H3 200 8-es2015.9eff69574804c1fc5a45.js Show response
www.44.ua/ 73 KB
15 KB 52ms
52ms Script
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/8-es2015.9eff69574804c1fc5a45.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/runtime-es2015.791a2c0d1ce08a0a7636.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 50ea5fd8c595c2f314dbb86478f09abd3e2467f701da75fc624fd28627cd9dbc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 413985
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 09 Jul 2022 09:42:40 GMT
server: cloudflare
etag: W/"12258-181e256fa80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mw8Xo2t2uPyNJ8A1tHt70vfyMDv59pLXWH00yZLYut%2BNh0fCmBQ5hs8H5Em%2B0XO0WheJBlIBkRW16Jay1MT0d%2FMOm5Bj3Lw9JUA6fBZ6xZwDvGjQBSMY%2F1GmLsffQbSbxP%2F7numoxmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72a7e423ea8888b0-LHR

GET
H2 200 0e60e84b091e32245e3cbae1d2e5bc5c_0.js Show response
cdn.sendpulse.com/js/push/ 3 B
2 KB 296ms
54ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sendpulse.com/js/push/0e60e84b091e32245e3cbae1d2e5bc5c_0.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/main-es2015.2044aab7fb7b27c7adac.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::10 , United Kingdom, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com .googleoptimize.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 14 Jul 2022 05:34:46 GMT
x-content-type-options: nosniff
x-77-cache: HIT
x-cache: HIT
x-age: 501377
content-length: 3
x-xss-protection: 1; mode=block
x-77-nzt: Abk73BCrI3X/gaYHAA
x-accel-expires: @1657880309
x-sp-ma: sp-ma-0
last-modified: Thu, 16 Sep 2021 09:58:45 GMT
server: CDN77-Turbo
x-77-nzt-ray: GafYPuEI/b0
vary: User-Agent
content-type: application/javascript
access-control-allow-origin: *
x-sp-pr: lpr7
cache-control: max-age=604800
etag: "3-5cc19dc491783"
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.googleoptimize.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
accept-ranges: bytes
expires: Thu, 04 Nov 2021 16:21:47 GMT

GET
H3 200 i18n-base-es2015.e9d5ff8bcaf62b9395c7.js Show response
www.44.ua/ 100 KB
6 KB 54ms
54ms Script
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.44.ua/i18n-base-es2015.e9d5ff8bcaf62b9395c7.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/runtime-es2015.791a2c0d1ce08a0a7636.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fdf544df1b3f5ce13216c6bf87984566f7bc6c0a6016458234598e9ae598e039

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2299277
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 16 Jun 2022 12:50:46 GMT
server: cloudflare
etag: W/"18e82-1816c90ec70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yh8%2BhEuWCVamhMHlFEYqYatDDzzGstGHMuA6N953E0n7n%2Be2VU7Ain2FBiS2uCIxfO9q96GIDmenr2eEjF71k2%2BcJ9AkZ6suxXO4%2FZbpIC3fiLDYB8FqzT%2FLHj2Y5pq8%2BsHFZsFzvO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 72a7e4248b7488b0-LHR

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 153 KB
53 KB 182ms
65ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PBKBDZ

Requested by

Host: www.44.ua
URL: https://www.44.ua/main-es2015.2044aab7fb7b27c7adac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75a550a4a58f5b900904cfe71c903342008240e73511c8f42865d5f9c57bd6e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54025
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Jul 2022 05:34:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 205ms
81ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/main-es2015.2044aab7fb7b27c7adac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3246cdfb31e93111d281a7510e7ef7221db858242eb2edf47628fe702a6ee130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56663
x-xss-protection: 0
server: cafe
etag: 14774770775402223282
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:34:46 GMT

GET
H2 200 mlinci380x620_62b0ac89bafee.zip.html Show response
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B1D8 592 B
578 B 133ms
123ms Document
text/html 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Requested by: Host: www.44.ua
URL: https://www.44.ua/main-es2015.2044aab7fb7b27c7adac.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f58f9a8e5dc91d465af6ec04f40d4c79156c3014c39f0268395d3390414bf6

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=604800
cf-cache-status: DYNAMIC
cf-ray: 72a7e4257d03776b-LHR
content-encoding: br
content-type: text/html
date: Thu, 14 Jul 2022 05:34:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92dVTzJTPkbThkqv%2FKTzSgi53z1ER%2FgeGWJLNEg0B%2BVkUdy2slDuMSEacznloxig4ecTacygsehPhdURmKIJ0%2B0xzltu0SD9wcL7T5hj0tfK3KnNGsp6OL3TA173SBv3nHoUZFjz"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 newshablonr12_62c832b256e7e.jpg
s.44.ua/section/banners/upload/jackets/000/000/070/ 40 KB
40 KB 171ms
170ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/banners/upload/jackets/000/000/070/newshablonr12_62c832b256e7e.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38c4dcf397adf03f512c5d496b577d34940011df4b7b0630711ac879fef501e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Thu, 14 Jul 2022 05:34:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40831
last-modified: Fri, 08 Jul 2022 13:35:46 GMT
server: cloudflare
etag: 1657287346-x-1-0-40831
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0y%2FLitRAeGCuQ4iwgoSBErsXJosvkWNNpWZ2JbriEPZr8feI%2BYSmUjCOcVIv6UFk5MK8g0gqNJA1%2F8DVJSJ2s9ELvalgDcHld4ae5zf7VTXuuphMCCb2iY1cHV4QpEbqJqU80t83"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e425dd7e776b-LHR

GET
H2 200 5303095768363679254120_62b4276d43468.jpg
s.44.ua/section/banners/upload/jackets/000/000/069/ 45 KB
45 KB 216ms
215ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/banners/upload/jackets/000/000/069/5303095768363679254120_62b4276d43468.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d4ed36f5cef56c64782ff670ac22553f6f109b1e3d23b13b6a5798d5460dc42

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Thu, 14 Jul 2022 05:34:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46142
last-modified: Thu, 23 Jun 2022 08:42:21 GMT
server: cloudflare
etag: 1655973741-x-1-0-46142
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FcFN7Yy3Y%2Bgkt8O893203PbHSrMoghAZVNb6lv895GFXXXZbXkbXF6XmWleILaxt9Ja4V2KpYHnts1BHWi%2BhQIRB8f6DMYE7RbKtEOvxLzqbO0zXar04VBIcqtQrRrYXF6jthfy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e425dd7f776b-LHR

GET
H2 200 25341773382926998352_62c6ac96e8473.jpg
s.44.ua/section/banners/upload/jackets/000/000/070/ 71 KB
71 KB 198ms
198ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/banners/upload/jackets/000/000/070/25341773382926998352_62c6ac96e8473.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1de6bde192b8ef66858ff9604bac923ef64e98941e3a378864e43030097fba1d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Thu, 14 Jul 2022 05:34:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72407
last-modified: Thu, 07 Jul 2022 09:51:19 GMT
server: cloudflare
etag: 1657187479-x-1-0-72407
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrwKkb3VV8gxVC1h2aMrpnj5d2gPK%2BNmLTBvYvq%2F53dA32g2IxgDpnmt6nrp5KE8s0RHAUMgM0aqN6SbpZ1TT%2BcU0uKWXQxzFhD7c4lK3pNI9bTh7bJEg9SzWBogT%2FEwgTZebVzl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e425dd82776b-LHR

GET
H2 200 1180x110_62b6279dd3193.jpg
s.44.ua/section/banners/upload/jackets/000/000/069/ 34 KB
34 KB 81ms
81ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/banners/upload/jackets/000/000/069/1180x110_62b6279dd3193.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 337f7e7cc2848c9c41bc68cc0ee67c832ff4c832f9d36419a4d9cbe6d6ac6e23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Thu, 14 Jul 2022 05:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78897
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34472
last-modified: Fri, 24 Jun 2022 21:07:42 GMT
server: cloudflare
etag: 1656104862-x-1-0-34472
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtlDJsG6zqlbcInR6GUjWvew4awsbAXBYEs8e0YoiaL7BkNIzAkJg9LuzbANFiOMSbEivcjLgj39Tdk6x%2BMhNEr9SG%2BWjYFnbkNvMVpeKks9Y4jGH4ddbnk8lXSnifmSIVOq0cT8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e425dd84776b-LHR

GET
H2 200 newshablonbl380h6202_62cbe238ebeb4.jpg
s.44.ua/section/banners/upload/jackets/000/000/070/ 61 KB
62 KB 190ms
190ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/banners/upload/jackets/000/000/070/newshablonbl380h6202_62cbe238ebeb4.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea5578877a699946a433f7636864f26585fc5ed65e6c0e405ea4c7f74f745016

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Thu, 14 Jul 2022 05:34:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62711
last-modified: Mon, 11 Jul 2022 08:41:29 GMT
server: cloudflare
etag: 1657528889-x-1-0-62711
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uk13xF%2FOaoVNGJ95YsROBLyvlnJRqKptnxtHR%2BsYHy9JrdqlaEsOVOmCnD8ozhFFkSE35xrUhX2u5jFqZj8gqjAVHftI2smlwisrlI%2Fb0cKC55NzQ5Y2X7Vf70DpT7Y5ly7KRqvT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e425dd87776b-LHR

GET
H2 200 header.webp
s.44.ua/section/header_image/upload/pers/22/ 52 KB
52 KB 70ms
70ms Image
image/webp 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/header_image/upload/pers/22/header.webp
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 323d682f4b687b70141bc8af259298b5835f090e712fbdc107ebbe2d5656e0db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Thu, 14 Jul 2022 05:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 530063
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53240
last-modified: Wed, 22 Sep 2021 12:17:37 GMT
server: cloudflare
etag: 1632313057-1784x100-1-1-42654
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5WhWO4ietoBHNNqLkXq2ln1Qx8CjZuUmAWQapv8uHod%2FcYNWzMIDmewEfJbSDTUKtzN%2BgExP7zUT%2Fl9DvF8qJp6Cat6%2BXAcO2d7Y%2Fxb5xtUHfw8%2FMnIyX8L6jFKrowZYjo%2BWS3K"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e4260dc0776b-LHR
expires: Mon, 08 Aug 2022 00:44:00 GMT

GET
H3 200 logo.png
s.44.ua/section/logo/upload/pers/22/ 14 KB
14 KB 56ms
56ms Image
image/png 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/logo/upload/pers/22/logo.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c745af997994c9f9f50aa0b625c00e41b303fee332b4a9f1a4266e3aa4e3d83

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Thu, 14 Jul 2022 05:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81728
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14180
last-modified: Wed, 08 Jun 2022 12:12:04 GMT
server: cloudflare
etag: 1654690324-400x80-0-1-14180
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5205qswS45hpoHzlN7yyN5edczHhbYC%2BKj%2FFUnrU8QBTL6vAOIsJ%2F5%2FIxVz9xK8WQ1jL%2Bw6CMlxGARcEqu5iFEek7NTTZjaFGbV3nohfpEha6Y6qzo30FAttSNK4u8b%2FjCguKwL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e4264da488b0-LHR

GET 24123fd3-33bb-4138-ad70-736f726661d4_62ceec1fa459c.jpg
s.44.ua/img/section/newsIcon/subdir/card/is/2/ 0
0

GET
H3 200 29362658452478491719374783287204320336270663n_62cedd6a56452.jpeg
s.44.ua/img/section/newsIcon/subdir/card/is/2/ 82 KB
83 KB 1169ms
1168ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/img/section/newsIcon/subdir/card/is/2/29362658452478491719374783287204320336270663n_62cedd6a56452.jpeg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3aa2484855e4c36892f02a050cfc4c458d428bf8583629ed07fde8aca48876a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Thu, 14 Jul 2022 05:34:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84174
last-modified: Wed, 13 Jul 2022 14:57:47 GMT
server: cloudflare
etag: 1657724267-885x400-1-0-77855-
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaDBdYKl3QuUVr4OtGRO1Gqy78Y22XohQaoKsfg6rJt8gwUE2YljnaL%2BbYyoqa950OYbdKrH11cIHm0KUlDzmSV3aBSPC1LcPO7pN1J6Ggqrhrhp68ohWMqAA3gutGIc9wNkwUwH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e4264da788b0-LHR
expires: Fri, 15 Jul 2022 05:34:47 GMT

GET
H3 200 akademmistechkometrostationkiev201002_62ce86f0dc1ca.jpeg
s.44.ua/img/section/newsIcon/subdir/card/is/2/ 65 KB
66 KB 58ms
57ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/img/section/newsIcon/subdir/card/is/2/akademmistechkometrostationkiev201002_62ce86f0dc1ca.jpeg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e22e8acea811b462c808c477994f434db1e6792a0283bf04c0a7c4d70c5211

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Thu, 14 Jul 2022 05:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73530
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66576
last-modified: Wed, 13 Jul 2022 08:48:50 GMT
server: cloudflare
etag: 1657702130-885x400-1-0-59412-
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaQeL9Rg%2BtbuOzaKWBVBUmQQEhFyFeaLbXJsuEtzOKGys94x8av0FFqmnQT5RLw1O6p6VswGJvkrABxaf6YG%2F81m4fly3914isTcGqL8r4kbfNU37NiU60iEmLlb%2BpO1R8hKSNXr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e4264da988b0-LHR
expires: Thu, 14 Jul 2022 08:57:43 GMT

GET
H3 200 2923352844133912941621389110250493478545186n_62cd9bd15175a.jpg
s.44.ua/img/section/newsIcon/subdir/card/is/2/ 49 KB
49 KB 2897ms
2896ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/img/section/newsIcon/subdir/card/is/2/2923352844133912941621389110250493478545186n_62cd9bd15175a.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e9337be81ff7e26deab9cfcf8e82735e17251bcb74ece6c802865b7bd5e97f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Thu, 14 Jul 2022 05:34:49 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49750
last-modified: Tue, 12 Jul 2022 16:05:38 GMT
server: cloudflare
etag: 1657641938-885x400-1-0-55334-
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaoEp%2FGZg2Iq8ZYJzDIc8SWLKnngLopBKyQstBfu%2BloLxqEAeMz2b5raLqd794ETZtMgWe2HoLYnqKjxK9fM47h2dm3Vy8g89bbzzFW5FBHYqaBYjsxYmCKcK8KX%2BK8oIB2tPxBQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e4264dab88b0-LHR
expires: Fri, 15 Jul 2022 05:34:49 GMT

GET
H3 200 850f71d-293290154-5244235765632152-3902462709221948719-n_62cd93cb4a30d.jpg
s.44.ua/img/section/newsIcon/subdir/card/is/2/ 67 KB
68 KB 977ms
976ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/img/section/newsIcon/subdir/card/is/2/850f71d-293290154-5244235765632152-3902462709221948719-n_62cd93cb4a30d.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f00fab71c94670bf0e8897eef7100a1411c9ef79356fdb82b20037c86a7e2c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Thu, 14 Jul 2022 05:34:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68924
last-modified: Tue, 12 Jul 2022 15:31:26 GMT
server: cloudflare
etag: 1657639886-885x400-1-0-68924-1657639925
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dx%2Fg1YbpR6eaEV1O7kd4EqKwznFS6U8EH%2Bbr9qjqmD%2BkYylHofpXAGvY8BR7ZITbl6qYOddCZEkFhD9ou0yKBV775u5873pjdePiAw8LImP7s1fBp7fZErS7C6lmc00V66zdfWIV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e4264dad88b0-LHR
expires: Fri, 15 Jul 2022 05:34:47 GMT

GET
H3 200 1210497303654909521207336484534537403900621o_5f7f1b0473017.jpg
s.44.ua/section/poll_answer_poster/upload/images/polls/000/052/632/ 10 KB
11 KB 153ms
152ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/poll_answer_poster/upload/images/polls/000/052/632/1210497303654909521207336484534537403900621o_5f7f1b0473017.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5646c32757629240fd5946ac6d688e6632f5283f7499a03f1cd5268ad237442

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Thu, 14 Jul 2022 05:34:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10539
last-modified: Thu, 08 Oct 2020 13:58:28 GMT
server: cloudflare
etag: 1602165508-300x300-0-0-10539
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPmJ%2FuUdqH1UccbvwEOTNa3LjiWsr0LKze2jvgNOQxEQOwnEOflw9bUiFYt3XSgvcCSJ0m0u3%2BqidzMRTKIAcTd9n41i3FV%2FA3zbcCtJLc8dSl%2BO%2FevPRMBMji6Zwee7GJc0gu6O"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e4264daf88b0-LHR

GET
H3 200 12105716136549093778740173966554266477053804o_5f7f1b0b66cb3.jpg
s.44.ua/section/poll_answer_poster/upload/images/polls/000/052/632/ 8 KB
8 KB 154ms
153ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/section/poll_answer_poster/upload/images/polls/000/052/632/12105716136549093778740173966554266477053804o_5f7f1b0b66cb3.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fc6b1237b3289e82df0dce30c0ec9d62a016d571aebd51149f1741b55271704

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Thu, 14 Jul 2022 05:34:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7916
last-modified: Thu, 08 Oct 2020 13:58:35 GMT
server: cloudflare
etag: 1602165515-300x300-0-0-7916
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ec6RJkJOgPx8T4gR7rv%2B8jyV4HyXecYMxZTEPyrkW1PfHAzvc8BIdC5O55B%2Bil6hzM3ci5J4yVNBNWHOWnj2%2F1pvbbpeUVKWoltAydCHninwIffeV4JrsaBQLbo5zxvSMieJOHG%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 72a7e4264db188b0-LHR

GET
H2 200 core.js Show response
content.mql5.com/ 33 KB
11 KB 169ms
52ms Script
text/javascript 78.140.180.86
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://content.mql5.com/core.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.140.180.86 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

Resource Hash

c227f98d208a46180b3619835a1dd967cf39c0fc9306eb5c880695652c7ac5e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
last-modified: Mon, 11 Jul 2022 14:51:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
cache-control: max-age=259200,proxy-revalidate,public,immutable
content-length: 10996
expires: Sun, 17 Jul 2022 05:34:46 GMT

GET
H/1.1

200
OK

hit;44ua
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;44ua?r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%...
https://counter.yadro.ru/hit;44ua?q;r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043...

43 B
528 B

89ms
89ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;44ua?q;r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.9435378689782348

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jul 2022 05:34:47 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 13 Jul 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Jul 2022 05:34:46 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;44ua?q;r;s1600*1200*24;uhttps%3A//www.44.ua/;h%u0421%u0430%u0439%u0442%20%u041A%u0438%u0454%u0432%u0430%2044.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.9435378689782348
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 13 Jul 2021 21:00:00 GMT

GET
H3 200 Untitled-2_edgePreload.js Show response
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B1D8 13 KB
6 KB 144ms
144ms Script
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgePreload.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e186bbc06b96cb2d5174b6d75cdda04f9cfc8d150a1fe2b6e35d711cac530e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Jun 2022 17:21:13 GMT
server: cloudflare
etag: W/"62b0ac89-35d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evLhBVWnSOl%2B4nRBhamVKPeAY0kSYosIRaSmQ1oBZkFrjf9hsDPse3JNi8K1fTtej2boe1r8pXKqs51w0wHchywTbCLTSPlSffIuLyY6cDPPhvm5551pxgARoJ6B1GshT%2BiczxL0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72a7e4266dca88b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
69 KB 172ms
62ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HVMDDH6B1F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PBKBDZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41ef120f49351ad737d0db29e670ff593e49d1252b88effd8ceb4acfcdce5a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70790
x-xss-protection: 0
expires: Thu, 14 Jul 2022 05:34:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 173ms
56ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PBKBDZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1730
date: Thu, 14 Jul 2022 05:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 14 Jul 2022 07:05:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 181ms
58ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: oSyp4WUQZg/YKQBEv4bHjG+//qngZPFZlaEvFT9i4yuGLxvbdTiAf24fy8+CLkQx8+h6LPlWDE3QuvcJD53jrg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Jul 2022 05:34:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame F3D2 10 KB
5 KB 175ms
53ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 85652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 05:47:15 GMT
etag: 10429905676100781186
expires: Wed, 27 Jul 2022 05:47:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tr
content.mql5.com/ 70 B
253 B 49ms
48ms Image
image/png 78.140.180.86
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.mql5.com/tr?event=Visit&ref=https%3A%2F%2Fwww.44.ua%2F&id=flbkzwfjlzjkmcuplfbjtahzjwjipviczf&ssn=1657776886756379592&ssn_dr=0&ssn_sr=10&ssn_start=1&fv_date=1657776886&title=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&scr_res=1600x1200&ac=165777688691516486&sv=2303&fz_uniq=6376722757604547830&an=%7B%22vn%22%3A%22Google%20Inc.%22%2C%22cd%22%3A24%2C%22dm%22%3A8192%2C%22ln%22%3A%22en-US%22%2C%22rn%22%3A%5B1600%2C1200%5D%2C%22ar%22%3A%5B1600%2C1200%5D%2C%22ss%22%3A1%2C%22lb%22%3A1%2C%22cb%22%3A1%2C%22ls%22%3A1%2C%22db%22%3A1%2C%22ax%22%3A0%2C%22pm%22%3A%22Win32%22%2C%22rp%22%3A%5B%22Chrome%20PDF%20Plugin%22%2C%22Chrome%20PDF%20Viewer%22%2C%22Native%20Client%22%5D%2C%22wv%22%3A%22Intel%20Inc.~Intel%20Iris%20OpenGL%20Engine%22%2C%22to%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22hc%22%3A4%2C%22ab%22%3A0%2C%22ts%22%3A0%2C%22ps%22%3A%2220030107%22%2C%22od%22%3A0%2C%22dr%22%3A0%2C%22bb%22%3A0%2C%22bo%22%3A0%2C%22bl%22%3A0%2C%22bs%22%3A0%2C%22dt%22%3A10%7D

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.140.180.86 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

Resource Hash

e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 05:34:46 GMT
cache-control: no-cache
content-type: image/png
content-length: 70
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: -1

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/ 340 KB
120 KB 188ms
79ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1997604921077896&plah=www.44.ua&bust=31068418

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af631fde073e096f8aaca810104e57f9cc59c46981a696df6684f1f96bb1ee40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122501
x-xss-protection: 0
server: cafe
etag: 4143874453581154081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 05:34:47 GMT

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ Frame B1D8 3 KB
3 KB 173ms
56ms Image
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:09:08 GMT
x-content-type-options: nosniff
age: 1539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83606
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 05:09:08 GMT

GET
H2 200 edge.4.0.0.min.js
animate.adobe.com/runtime/4.0.0/ Frame B1D8 18 KB
18 KB 536ms
72ms Image
text/javascript 2a02:26f0:480:9::210:ee09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animate.adobe.com/runtime/4.0.0/edge.4.0.0.min.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
content-encoding: gzip
last-modified: Thu, 08 May 2014 11:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 37219
expires: Thu, 14 Jul 2022 05:49:47 GMT

GET
H3 200 Untitled-2_edge.js
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B1D8 2 KB
2 KB 52ms
51ms Image
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edge.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
age: 158313
etag: W/"62b0ac8a-763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vY4u03LUaBfStBmPdTA90p6stCMeGtPkErg3qlmIkOvKLRdwVOmt6oEfZZsDHwp%2BUIDH2pnZJcFzgciIO%2BaDqK%2BzzfhWsi2CP4QwrHyfyqBrgmaJNBVLGTLBohPbI%2BfLiY0DytZX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72a7e427af7888b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edgeActions.js
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B1D8 691 B
691 B 107ms
106ms Image
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgeActions.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: W/"62b0ac8a-2b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7v3xS%2BxtX4JRlvXssEMhwAKlZ2PPGWomy2aT7nqRvXTTIn0bt2Hmjet5ga29WrIcvswXW5sM1Jb8zC7mNKHstT5iB63o3rwoe4F8OZI5E1dVf6XFx%2BLPuFFM52IVccJjXlHW%2BmPn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72a7e427af7988b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ Frame B1D8 82 KB
82 KB 177ms
118ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgePreload.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:09:08 GMT
x-content-type-options: nosniff
age: 1539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83606
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 05:09:08 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
442 B 174ms
60ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8955215-58&cid=1666317256.1657776887&jid=671301825&gjid=1836750985&_gid=1198238711.1657776887&_u=YGBAgEABAAAAAE~&z=900722657

Requested by

Host: www.44.ua
URL: https://www.44.ua/polyfills-es2015.b2765e0adb0cb550e072.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.44.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Jul 2022 05:34:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.44.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 168ms
59ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=28737867&t=pageview&_s=1&dl=https%3A%2F%2Fwww.44.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=671301825&gjid=1836750985&cid=1666317256.1657776887&tid=UA-8955215-58&_gid=1198238711.1657776887&gtm=2wg7d05PBKBDZ&cd3=false&cd4=1657776886857.ap87r45a&cd5=2022-07-14T05%3A34%3A46.857%2B00%3A00&cd7=Yes&z=868184282

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 00:08:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19558
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 167ms
58ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=28737867&t=pageview&_s=1&dl=https%3A%2F%2Fwww.44.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAE~&jid=&gjid=&cid=1666317256.1657776887&tid=UA-8955215-58&_gid=1198238711.1657776887&gtm=2wg7d05PBKBDZ&cd3=false&cd4=1657776886905.dq1a28wi&cd5=2022-07-14T05%3A34%3A46.905%2B00%3A00&cd7=Yes&z=1262774605

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 00:08:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19558
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2718182741528799 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 124ms
63ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2718182741528799?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2049265d41ff8d1d889b6a7c84b58f0ebb67409484ec72d501074ab7a10643e0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85651
x-xss-protection: 0
pragma: public
x-fb-debug: 3YXqUIoChVyHtqAPf4tHFEm3lzWHQUkI7j+KwgmLvOSibGyJV678bjHy/TQAsdehpXKCzAxp/+IIRcDlxkfJ/Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Jul 2022 05:34:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 179ms
60ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HVMDDH6B1F&gtm=2oe7d0&_p=28737867&_z=ccd.v9B&cid=1666317256.1657776887&ul=en-us&sr=1600x1200&_s=1&sid=1657776887&sct=1&seg=0&dl=https%3A%2F%2Fwww.44.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVMDDH6B1F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 05:34:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.44.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
502 B 184ms
65ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8955215-58&cid=1666317256.1657776887&jid=671301825&_u=YGBAgEABAAAAAE~&z=827481555

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 05:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
502 B 190ms
65ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8955215-58&cid=1666317256.1657776887&jid=671301825&_u=YGBAgEABAAAAAE~&z=827481555

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 05:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
639 B 189ms
65ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.44.ua&callback=_gfp_s_&client=ca-pub-1997604921077896

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1997604921077896&plah=www.44.ua&bust=31068418

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

d24e7a296ed8139cffaca96a74674e27f8facd2b8be4054a39082f2aa4946ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
793 B 220ms
64ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.44.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 05:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
550 B 188ms
66ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.44.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 05:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E8B8 74 KB
29 KB 631ms
520ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1a659307f7b2225025cdfd50cb419f7217dfe64572fd6290d316b296c0eb06a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30129
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 05:34:47 GMT
expires: Thu, 14 Jul 2022 05:34:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.44.ua%2F&tn=DIV&cls=foot-banner&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 05:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA29 116 B
114 B 218ms
125ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&adk=1812271804&adf=3025194257&lmt=1657776887&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.44.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886940&bpp=1&bdt=894&idt=369&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90&nras=1&correlator=2665598371543&frm=20&pv=1&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=378

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a87766e276124c5d72e15580ebcf9e5b78fe277d09bce31a14115ee8e3f36b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 91
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 05:34:47 GMT
expires: Thu, 14 Jul 2022 05:34:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A38 155 KB
19 KB 484ms
398ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886944&bpp=1&bdt=897&idt=377&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0&nras=1&correlator=2665598371543&frm=20&pv=1&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=idPUrIDID9&p=https%3A//www.44.ua&dtd=381

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed8e2ccc16aa259680fec1ec485c202eb5bf07f9815efa46ee86ad6da87b5846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 19877
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 05:34:47 GMT
expires: Thu, 14 Jul 2022 05:34:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 197D 108 KB
38 KB 379ms
303ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1657776887&psa=0&format=380x600&url=https%3A%2F%2Fwww.44.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886948&bpp=1&bdt=902&idt=385&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0%2C1200x90&nras=1&correlator=2665598371543&frm=20&pv=1&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3876&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mnRv8EnCZH&p=https%3A//www.44.ua&dtd=387

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5496c6b6ebec55ff94e2ddeff3dd8e7c518421643ea4d95a8a3059960856015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 39060
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 05:34:47 GMT
expires: Thu, 14 Jul 2022 05:34:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 edge.4.0.0.min.js Show response
animate.adobe.com/runtime/4.0.0/ Frame B1D8 119 KB
37 KB 150ms
60ms Script
text/javascript 2a02:26f0:480:9::210:ee09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://animate.adobe.com/runtime/4.0.0/edge.4.0.0.min.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgePreload.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 59d448078f834cd81b002a6e12409909f5715e1945d035b4833b62b9834cce2f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
content-encoding: gzip
last-modified: Thu, 08 May 2014 11:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 37219
expires: Thu, 14 Jul 2022 05:49:47 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
299 B 174ms
55ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2718182741528799&ev=PageView&dl=https%3A%2F%2Fwww.44.ua%2F&rl=&if=false&ts=1657776887345&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1657776887344.623250519&it=1657776887085&coo=false&exp=u0&rqm=GET

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 14 Jul 2022 05:34:47 GMT

GET
H3 200 Untitled-2_edge.js Show response
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B1D8 2 KB
2 KB 53ms
53ms Script
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edge.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgePreload.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59640c1c4b3c56c15664901632f04ba3cc5b8db05eb243c0d700627c5501912a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
age: 158314
etag: W/"62b0ac8a-763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BItRnRRdkpTeMf7pkiv6EqTDMlsHajl6NYECnGRjUC03t7ZFxJmd1KHG7yoN%2B%2BsXGkxHZqR5ezrrvwQq41BpuSvHlMrIalBP3M7MfzqBiX3JHCCBEtF%2BA1X7kc%2FOtd%2BeVR1mNDUM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72a7e42b6c7288b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edgeActions.js Show response
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/ Frame B1D8 691 B
905 B 53ms
52ms Script
application/javascript 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgeActions.js
Requested by: Host: s.44.ua
URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/Untitled-2_edgePreload.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05f4bcca4ab7f481dc128f5f7cfbb7e3362f080ec41856d46dc937e62a3c528e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
age: 0
etag: W/"62b0ac8a-2b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IQgDGQ18NmeQ4XhV73z8PEIsdiYqamJS%2B%2BqmJ%2Bje3q0pL5rz3WN3ut0XNP3HU6pWtCIKi9zdSFsxLDuOwiueXIQ1q2ogTTO2of5iXtUCFm%2B09fhxyb5ZDXEJ8WskTaqJlkfA3Dk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72a7e42bbcf588b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 back.jpg
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B1D8 114 KB
115 KB 170ms
169ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/back.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28de6798a356be73f715a4bf87b6f0c30d66c0e52d08c4196d5e6049bdebd202

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-1c890"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSBEBVO0g0pzOtyEc0H1xZpFLN2k5a3Sy47lK3Ar0DnyngtducwfWzPJaIDx5qN0aqhyiORSRHieI3Gl8rBnhLAWu8%2BFzLRuFKwT9YYBAQkAqjqCwZD%2B%2Bm72c6ONnPyZESCP%2FjwN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72a7e42c2d7388b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116880

GET
H3 200 sl2.png
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B1D8 13 KB
14 KB 121ms
120ms Image
image/png 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/sl2.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f1b1992c4b8ebd986428001b2fd1e5b8662408881109b52c8544687b341e51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-3577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsOKAo12l%2BwMzjtr90vvcHRfhHcejJw%2F2cz7nzRO4v1S3M0ipv63XC0rIokGTKP58x%2FVAr1nJMk4SzzVF4xno58eeSD5i7n6rEg2MZACF%2B2LAieI7wvk6RPhGfY7PYMaem%2BNV2LP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72a7e42c2d7488b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13687

GET
H3 200 sl1.png
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B1D8 7 KB
8 KB 120ms
119ms Image
image/png 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/sl1.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 826447e87f27f823f9fb354c1d49f74015905795dec1aa558945747b41af87ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-1cf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrmI4wvO6s%2Fg5iubRJRj3in0ki876cUTFh9O6PXP0jErtiSmgFp5HEIYkAsCb7h8ctWriO%2BBra%2BV%2BSVt6jpqn%2BAJInq5B56vBMwoCXSjhjvrubRc%2B0D2tzaJ0ZXx1z7u1BwVJLYy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72a7e42c2d7588b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7408

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B9F4 0
0 235ms
98ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoyTMhbfkAfgdEcGo72LDYj1RjbCMJDhOhYtNQ13-zdy73yeobCMOulUkjBYb-cg77Pdn9U15MCwqUxjf6rYdiFJUeUYcvD5yKwNcLW6EsK1ZFvmonUL4FCGt_JtIcpo0-uE6ZUej1YfLY-shszcAva0Hvlw6v-0q8e07VteWl0XRb1NrZPrY-F6LSgY3lAHs18UMdvoH71P2j_W-gL8eP_ezOcG2MZwaeSXP2JEzcgSbB9i2RJAQwl_w7e3kCh7UdVYO16cCLGZaaWxVrJiQN0CbEIa_p747SEPPbkvs8pjugu8fsqVXGs1i6a6Sr3Holt3Tkk9v06CLJHy2hF45oCsJApyYk7QdKhWjYtvMMFPQAkBJCAkTTPOWhuQ9cp_aRhfoav1lhwP2fgvbmIU993IhA26ET9oxtISicfRvX-LJgTHtnQlZlSwZPhi62z_Lcs3dT74kv_BKn8EGC3m71oIFmdfofC-mB3Rb8r5OITIm25lJ3SOoUWOkt0GV5O6HL522d1A6jTy7oJmAwMEnNZbV73GZg9cJItrMpXprzX6DXxnYbcsH5ACOwvF3ScP7j7KkjUsWK2lv54Gz53z0xu0m78p_oJqwfP0JHvOPpU43DV1Hu4bFWGoitaT-wPXkmBIFW8hmx3IzhKtPMrb7qfdslpmDK-biTjLQ2s9hFmmdtUaQJfsetXHhqv24zHRFFhZodwF2aVHMQNjlJXC06IC2x3pAbqV64Gvs56102ZhTEO5MU5OmUktW4Zyecm8ZkinV6fKDBEG_6ghs8-rZJij1eLqr4vQ3lcBXfFWR0afaMBDqSdpsj5GWO0l-2iACCTwPkcPmrKZ-2i5vBxIOgDo1MlDEKz3QM3l6XVmSvx1szCscgG0W-9Lmt25wycJlu8J2qJzEKYJ9ooylBvVE8892CzaUEltsLx2D2IGmA6SppF27jCSEz-zjGSKldIOpGsna8OpDu93x2Uj-mDdUGexYlMPD53FNWQER7xDmTh5wWEZo8gwhli1fst-nXACfCPpREGXA7ly1ZyU-rammEWOFtScufTVUE6Q&sai=AMfl-YQjKjUiWbUAvxNWljF2_KK3qjSsHM_AwnAIIM6TZaR9Cx6dbCU_FWV43A&sig=Cg0ArKJSzPr9OLrYiiUBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 14 Jul 2022 05:34:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 14 Jul 2022 05:34:47 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B9F4 106 KB
38 KB 216ms
56ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 08:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Jul 2022 08:39:38 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame B9F4 6 KB
3 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1657776887&psa=0&format=380x600&url=https%3A%2F%2Fwww.44.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886948&bpp=1&bdt=902&idt=385&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0%2C1200x90&nras=1&correlator=2665598371543&frm=20&pv=1&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3876&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mnRv8EnCZH&p=https%3A//www.44.ua&dtd=387

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 21:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2628
x-xss-protection: 0
server: cafe
etag: 1103433747108554897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 21:58:48 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B9F4 41 KB
15 KB 218ms
73ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 10:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 10:25:41 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame B9F4 34 KB
14 KB 261ms
116ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f19d142ecba97aa37337021c3f4a71930c8e3672a927f0ead5b93d8994c2259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13753
x-xss-protection: 0
server: cafe
etag: 5742122760925719978
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 05:21:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame B9F4 3 KB
1 KB 341ms
196ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 05:32:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9F4 138 KB
43 KB 194ms
66ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 05:34:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame B9F4 17 KB
8 KB 198ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 05:28:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame B9F4 21 KB
9 KB 205ms
61ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 05:23:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012206162023000/ Frame EE52 220 KB
61 KB 185ms
54ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886944&bpp=1&bdt=897&idt=377&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0&nras=1&correlator=2665598371543&frm=20&pv=1&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=idPUrIDID9&p=https%3A//www.44.ua&dtd=381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ccda9c9480b41d37a1cdbfafa79c8d421e48d7d83aff61e8bfee8ad4fe19dff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61503
x-xss-protection: 0
server: sffe
date: Tue, 12 Jul 2022 15:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e288a31ad4797408"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Jul 2023 15:50:48 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012206162023000/v0/ Frame EE52 14 KB
5 KB 282ms
150ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f78db6806eeeeec2e31f2b92195a2aa4036cde62ebdef69e9f9a3ebccb53676

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Thu, 14 Jul 2022 03:38:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "721298833d717b80"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Jul 2023 03:38:50 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012206162023000/v0/ Frame EE52 94 KB
28 KB 303ms
172ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b068dc04b141b2f04b2efd1bd2afbb373f3789e58b3c06e9952cba16dc59c04f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28867
x-xss-protection: 0
server: sffe
date: Tue, 12 Jul 2022 15:50:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee36630e23640250"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Jul 2023 15:50:47 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012206162023000/v0/ Frame EE52 72 KB
16 KB 340ms
209ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02b0798c308331f385923c5c50f8faff3c5d3a4ed7abd34ebe201695557e5b18

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16644
x-xss-protection: 0
server: sffe
date: Wed, 13 Jul 2022 23:08:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "83d9556eda584012"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jul 2023 23:08:00 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012206162023000/v0/ Frame EE52 5 KB
2 KB 329ms
198ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9127df7bc100bed74cbfd58a7a8b1568fb65a4543578fc4fcfcb3cadba1897dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Tue, 12 Jul 2022 15:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3179f93f2cca7cd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Jul 2023 15:50:48 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012206162023000/v0/ Frame EE52 40 KB
13 KB 331ms
200ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

217f23a918fb509b032f5ae12f5f6e978a68b51ab28db90ecbe2424bafdf5c8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12955
x-xss-protection: 0
server: sffe
date: Tue, 12 Jul 2022 15:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5d5600af20d5aaa0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Jul 2023 15:50:48 GMT

GET
DATA 200
OK truncated
/ Frame EE52 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3159d6194db62f9ea9b695cfc1706835444bfb47f6830a96daa753ae8aaf2459

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ST6D_24_90px.png
tpc.googlesyndication.com/sadbundle/12125998491844031921/ Frame EE52 37 KB
37 KB 200ms
139ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12125998491844031921/ST6D_24_90px.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a44602c24b89885202fa9380b0b2794529f2fc070842f4256fa2e02d3f2e153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37693
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 14:38:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jul 2023 05:34:47 GMT

GET
H2 200 TR6P_90px.png
tpc.googlesyndication.com/sadbundle/12125998491844031921/ Frame EE52 35 KB
35 KB 284ms
224ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12125998491844031921/TR6P_90px.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8db4db356541300d59ef29e42aada4010825fcc3dee28402411ceb12989f83b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35526
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 14:38:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jul 2023 05:34:48 GMT

GET
H2 200 Logo_in_Orange_Box.jpg
tpc.googlesyndication.com/sadbundle/12125998491844031921/ Frame EE52 23 KB
23 KB 256ms
196ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12125998491844031921/Logo_in_Orange_Box.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2657405e3e91a0f5d6490e8fe419c8f98e2437caca46a0c257563f11aefa3824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 09:00:07 GMT
x-content-type-options: nosniff
age: 592480
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23485
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 14:38:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 07 Jul 2023 09:00:07 GMT

GET
H2 200 CTA_90px_1.jpg
tpc.googlesyndication.com/sadbundle/12125998491844031921/ Frame EE52 17 KB
17 KB 260ms
201ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12125998491844031921/CTA_90px_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa918bed81203596fbe80feb28bdb736c2677fe46d1f051c254febb136f70e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:53:23 GMT
x-content-type-options: nosniff
age: 157284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17086
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 14:38:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Jul 2023 09:53:23 GMT

GET
H2 200 mo_power.png
tpc.googlesyndication.com/sadbundle/12125998491844031921/ Frame EE52 2 KB
2 KB 266ms
207ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12125998491844031921/mo_power.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c8d54957ff6a1f63bedddff024ecea66ed153858d731d30a6acf6a33419ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 12:34:37 GMT
x-content-type-options: nosniff
age: 493210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1887
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 14:38:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Jul 2023 12:34:37 GMT

GET
H2 200 mo_performance.png
tpc.googlesyndication.com/sadbundle/12125998491844031921/ Frame EE52 3 KB
4 KB 191ms
135ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12125998491844031921/mo_performance.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc8c0370988b3fed60f055b81c63de32cf38f85c18b440f508e0003e9f183aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:53:23 GMT
x-content-type-options: nosniff
age: 157284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3303
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 14:38:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Jul 2023 09:53:23 GMT

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EE52 3 KB
3 KB 188ms
132ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 11:05:04 GMT
x-content-type-options: nosniff
server: cafe
age: 66583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Thu, 14 Jul 2022 11:05:04 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EE52 344 B
474 B 128ms
72ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 82113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 14 Jul 2022 06:46:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE52 0
21 B 112ms
112ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdwOc96rPYsmkHOvM1fAPvumX-ArdzvjsY7OkntOcDrTyq5bOKBABIKCS8BBgu76ug9AKoAG4hOT5AsgBCakCrwURjkHmsz6oAwHIAwiqBPkBT9Cx36jxwi3nDafsdLr9sA2EB6YLISpcRXKrIst5LS0Dzyc8B9XWfMmLRZboflj7irkgMkyvtXXBBZ6hrCcTft3olEdXwrdfYXmbQ2_zojCyS4FSxL0F-30lSD1X1T467iUTcgAO-UnCGrvZrfr0Q1q2v0Yp8VimTOS8jIVpEi_bAhzZpaIh-BlsJJK-tuROfO0h5xB1WqUQjjWh5SgbcAeppQvFQzn_w-JkeotqJjPJAAreWiaXw75Y3nAWGPiHGfSRwV29F3TekCg7W2gCnwsW6j3S_RnSKfDJY5I6kZSCrvM2Dx2ITxv8LpaICruIkC6eMki1qZ2awAT535OrywOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHsPubhgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCz8hnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi0xOTk3NjA0OTIxMDc3ODk2GAA&sigh=oOd-ibtyw04&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886944&bpp=1&bdt=897&idt=377&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x90%2C0x0&nras=1&correlator=2665598371543&frm=20&pv=1&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=idPUrIDID9&p=https%3A//www.44.ua&dtd=381
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Jul 2022 05:34:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Jul 2022 05:34:47 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 776E 0
18 B 118ms
61ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.44.ua
Referer: https://www.44.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.44.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 05:34:47 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 back.jpg
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B1D8 114 KB
115 KB 66ms
64ms Image
image/jpeg 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/back.jpg
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28de6798a356be73f715a4bf87b6f0c30d66c0e52d08c4196d5e6049bdebd202

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116880
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-1c890"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nl1dHccbdptBkgwQ%2F4gJ%2FA0rpElC7q7X5EbW9Bvas7GgGZtwiJplWIaAiSsU6TGmoJnKqwypBU%2BXp1F2dbqM6xN5EYrSymDOgvviAmQ0L%2F19JMrDmloAbk6zGG8iJia2InoUJWj%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 72a7e42d8f3c88b0-LHR

GET
H3 200 sl2.png
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B1D8 13 KB
14 KB 54ms
52ms Image
image/png 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/sl2.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f1b1992c4b8ebd986428001b2fd1e5b8662408881109b52c8544687b341e51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13687
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-3577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1XJ1a0NVyjX9FULTlIoD2a3lyHMkiDWpq95GEqYqM%2BELxhDa5rzgNfxWizgYaElLiWXRPKVeUKXf2xqvOHjIW%2Bx2ho0FMS%2BIhmZ%2BeFttuRQR2vRNQMx6nrA0Sjl7yMWOUSwfch1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 72a7e42d8f3d88b0-LHR

GET
H3 200 sl1.png
s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/ Frame B1D8 7 KB
8 KB 55ms
53ms Image
image/png 2606:4700:3037::6815:3381
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/images/sl1.png
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3381 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 826447e87f27f823f9fb354c1d49f74015905795dec1aa558945747b41af87ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.44.ua/upload/jackets/mlinci380x620_62b0ac89bafee.zip/mlinci380x620_62b0ac89bafee.zip.html?clickTAG=https://www.44.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIxNTc1NCI7czo5OiJwbGFjZU5hbWUiO3M6NzoiQmxvY2sgMSI7czo4OiJiYW5uZXJJZCI7aTozMTQyMDtzOjQ6ImxpbmsiO3M6Mjg6Imh0dHBzOi8vbWx5bnppemFkb25hdC40NC51YS8iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7408
last-modified: Mon, 20 Jun 2022 17:21:14 GMT
server: cloudflare
etag: "62b0ac8a-1cf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeQcnrASjNhTAcuP8IZsQTKx%2BKFlsioeFgRlj27fz7PjlCTG2naoyNYwnmaumUhr%2F6Ti5xbq9OMRfFudO5uqFFKvwZzkQwrpEzbRGAq8ez5DPRMC4qLPd%2BoWvG%2FsaeWpDTrmxZPk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 72a7e42d8f3e88b0-LHR

GET
H2 200 8486401939993567253
tpc.googlesyndication.com/simgad/ Frame E8B8 27 KB
27 KB 160ms
160ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8486401939993567253?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlhxhwdYCmAPpCevSwKTg29YQOIKg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

597271d2c55c2156b22f695a024d9aea1f6e93e7650bc788861ccaf4d3e30f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:21:32 GMT
x-content-type-options: nosniff
age: 544395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27619
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 14:05:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 07 Jul 2023 22:21:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame E8B8 21 KB
9 KB 141ms
141ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 05:23:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame E8B8 3 KB
1 KB 197ms
70ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 05:32:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8B8 138 KB
42 KB 196ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 05:34:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame E8B8 17 KB
7 KB 180ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 05:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 05:33:19 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame E8B8 31 KB
13 KB 198ms
72ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 12:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
server: cafe
etag: 7466239315051897255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 12:19:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E8B8 0
0 101ms
99ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM3pL96rPYoD2G--QjuwPsamt8AiawYbAaoKrl-WcENzZHhABIKCS8BBgu76ug9AKoAH746PgA8gBAqkCWE0bDITRsD6oAwHIA8kEqgTnAU_Qi-EUFtzyZ68mkaI9emz-rh6ObKRqACezMJnchWX2p_68VkhzkCUdEwsV8sZ3x-sbjpl2oXYGBpAM5rrM1uMbel0Q6kq9kfNxk1qY5epOK6DH30MB-vDL1NiTTewJT2ZdHvxi2satq3gN0WmM3aCB6IXG00xOe7Qd0Snf3dGRIOPd-U0HrKFu_jwdLcVrQ1XLSbDKw39Hhhm1dkWXGV-VI7Jprp3xlo7hJJ3hJ2Fq3dwP4rTcgaiF-0h8okwRRwd_VnFVZ8qjb5BZVEzzTQNFs__dEM4ce4RZT_R27R5rWLJOlsRHtMAEzvGwvv4DoAYCgAftm9wfqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ4-cF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItMTk5NzYwNDkyMTA3Nzg5NhgA&sigh=geEv0xVFeGg&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Jul 2022 05:34:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6F07 22 KB
8 KB 107ms
54ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 122105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 19:39:43 GMT
expires: Wed, 12 Jul 2023 19:39:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B9F4 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ba7b6a35f769d7b198539c87a6c5949901bb5e58ee67097c90f08049e0fd0a3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame B9F4 8 KB
4 KB 361ms
57ms Script
application/javascript 2a02:26f0:ef:28a::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=26918589&sid=443002&plc=337292478&num=&adid=&advid=8650961&adsrv=1&btreg=529221447&btadsrv=doubleclick&crt=172072798&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:28a::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: fc4ace59b8dc8814662d992e103ae0252fd193ace1f8fe7ed1597c2ea953eb77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 05:34:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Jul 2022 13:04:24 GMT
Server: Microsoft-IIS/10.0
ETag: "07ca13b996d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3302

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15516580030423037180/300x600/ Frame 2473 3 KB
1 KB 163ms
54ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bce5e5252e3c3f5ffc4ac5985a03e77608746d716cb35648465da868a039e337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1239
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 04:32:39 GMT
expires: Fri, 14 Jul 2023 04:32:39 GMT
last-modified: Thu, 26 May 2022 09:32:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=26918589;s.a=443002;p.a=337292478;a.a=529221447;cache=140525659;
ad.atdmt.com/i/ Frame B9F4 0
0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6C2F 143 B
163 B 55ms
53ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 04:50:57 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 69D2 247 B
963 B 199ms
61ms Document
text/html 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

5b5885acd411837d915782c7f7a9ecb4d467d459af71e0a075fd2cbdba3ad4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-_A-mnxd7BGnO19QorKuQRQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 05:34:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012206162023000/ 23 KB
8 KB 165ms
55ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012206162023000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccc477b9782afbd0c1ef17e5c0977aa35a241edee2dde6e36d34ee05db4239b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 186547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7838
x-xss-protection: 0
server: sffe
date: Tue, 12 Jul 2022 01:45:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "33910786ff09e66c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Jul 2023 01:45:41 GMT

GET
H3 200 x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F07 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:59:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:59:32 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6C2F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

119ms
118ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 05:34:48 GMT
expires: Thu, 14 Jul 2022 05:34:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 05:34:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E8B8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fad1cd6e0b6aca7485ae11bb375478e82da4b89389c5da4ae915b5778fed2c1c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 300x600.css
s0.2mdn.net/sadbundle/15516580030423037180/300x600/ Frame 2473 4 KB
870 B 56ms
55ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

438ef487da125c46dc8efa9dafc43982ed7869559aac4ed4342fd67bd49a8829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 13:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 841
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:32:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Jul 2023 13:09:32 GMT

GET
H3 200 iframe.html Show response
p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 69D2 4 KB
2 KB 171ms
62ms Document
text/html 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

d52910beb501454ff44a01dba06b460f22fb48a966fcc1e4a65094a4bd002b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1861
content-security-policy-report-only: script-src 'nonce-x4DqkyiVMAhW53xJGtw7vA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 05:34:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 card.png
s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/ Frame 2473 46 KB
46 KB 55ms
54ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/card.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8493d3ea0490c0c454974ab1c88637376f5c17797fd272d55e1eca101926d56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:08:52 GMT
x-content-type-options: nosniff
age: 455156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47271
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:32:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 23:08:52 GMT

GET
H3 200 ref.png
s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/ Frame 2473 481 B
508 B 100ms
97ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/ref.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b31b9f381a897be3ba2e1dd434793d1c5cdf03085f2bf6191f4aa1fba60b439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:08:52 GMT
x-content-type-options: nosniff
age: 455156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 481
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:32:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 23:08:52 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/ Frame 2473 38 KB
38 KB 79ms
77ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5002141a8fe1d45546aeb0be6ac46a37d2afc8dc41be1281268278f2668500b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:08:52 GMT
x-content-type-options: nosniff
age: 455156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38575
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:32:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 23:08:52 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/ Frame 2473 2 KB
2 KB 100ms
98ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f9b4199873c133ab4de4be81d0c3ea11b0d20ce9c9ddf43cb0bd3e1ac464670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:08:52 GMT
x-content-type-options: nosniff
age: 455156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2311
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:32:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 23:08:52 GMT

GET
H3 200 grad.png
s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/ Frame 2473 861 B
888 B 113ms
111ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/grad.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50289505063ac8a641ec6812be11d8d6297c6df32ff49c590cde10b67f4508d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:08:52 GMT
x-content-type-options: nosniff
age: 455156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 861
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:32:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 23:08:52 GMT

GET
H3 200 txt_1.png
s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/ Frame 2473 2 KB
2 KB 102ms
100ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/txt_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71633585230bd812eaa7f112f9827919e39e2e1a37d2e8a1ad6407848ebc4961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:08:52 GMT
x-content-type-options: nosniff
age: 455156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2371
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:32:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 23:08:52 GMT

GET
H3 200 txt_2.png
s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/ Frame 2473 2 KB
2 KB 104ms
103ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/txt_2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a0fff5ec2635b9419ca44bd62219247261a4e2de154186aeaa69b71a033b973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:08:52 GMT
x-content-type-options: nosniff
age: 455156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:32:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 23:08:52 GMT

GET
H3 200 txt_3.png
s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/ Frame 2473 2 KB
2 KB 107ms
105ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/txt_3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71b945c94773a645902a982a754c6686a8ffa4bab8c70d49b84f703442db0906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 23:33:39 GMT
x-content-type-options: nosniff
age: 194469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2221
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:32:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Jul 2023 23:33:39 GMT

GET
H3 200 txt_4.png
s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/ Frame 2473 2 KB
2 KB 109ms
108ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/txt_4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6eb3a25628db6c4ff312e844c507e98f7edc044f6fb10459c5b4b943c23156f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:08:52 GMT
x-content-type-options: nosniff
age: 455156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2240
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:32:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 23:08:52 GMT

GET
H3 200 txt_5.png
s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/ Frame 2473 1 KB
1 KB 112ms
111ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/img/txt_5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99742b8411e42aaee2ffd3598e4283ca310c23c9200339eb8bfea9622583ccde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15516580030423037180/300x600/300x600.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:08:52 GMT
x-content-type-options: nosniff
age: 455156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1038
x-xss-protection: 0
last-modified: Thu, 26 May 2022 09:32:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 23:08:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F07 0
20 B 91ms
91ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRjU896rPYoGfHNTtxgOt4byYCQAAAAA4AeAEAg&bg=!-_il-LzNAAaYcLjmuHA7ACkAdvg8Wgi_xEVSF5cMlwmJTlNo1hfwjMgEqzHfz69aI_QKlTWREBnnqwIAAABjUgAAAAJoAQeZAudAzXmPhkVcFDdwf2UTCD9qC2R3Q9a16FUoQDB01oSCes-w6TtYnJH0P4n1z1MoN2jD6umiLoN-hWmws9rif3Ciseg6XJiNlQ5h60LhFX4-S1qgtmjsdJlDzzIyEPAXjpdCoEpIF9ZNaG5M7pQ82dxHTxDFeAoqPZlbKQnMO7Os_j9YR0iVu9gHJSR9hocRlznum_MGrId7FyKeQG6ypEn59pKuNYEFbrECKW43lpO2DxQdp9ITHseTHNxAuJKwGKhKYo6ptsdBtJlW-JmXIISrzVT-yML4WNs7yEIr1tVCZYZ_NBCn5IppjuWF4lXQ-AQI3s9TVMUW68lq0nZAwSC4f1I2A6rakIOpR8XJJmYyP8EHAbGe1NJvynUM60VeS52p1--N0Sm79kTPld0Z-e62odS2xXKTlBKadxD3mzKEMa2UJHYrTBEeIRt_FdSM_DGqkRuOTjYzkFmd22J0tKd3qIZYnSOQ8rKHWzKFbA4vKYLrjEVBS6Zjn-DnF7c9ZshSV-lUaDcxCD0pOV7hYHOkV5UNIN6I29kuOccUlXe9DHHErjpMC1wjpWOL2tYJSYaK2HQep3F9gfIqbmH8OySlKDD0y0I3Y5t8TIsrmg3qo9k8C1r5ANFRU104BKLc1Sg7vcJgAGY8XdeU0fQ_2nAh5oXnQdlhnK7wzsSBiYMaGE4bxLw8RFK3QGdCaSItJ-mJM_Lr3KnKS94WFJEOit8NqKDv0v6vWhRNt1DVJWlN4xqW3gaGexzoDAnG1GSP7LhnNB-l1BNaVU9yWmUFrd5F61DSyxGPTnsyxyuxONaBjTAnx4JMrN2GgoGPbCNvMGoOsyKl1tm4IeNLlxKinrRrvJotxxqFJhsrk3DSlA31b0gTA8hhA-D3rnZKKct8-IbNlzIsZGD52LMTU0N8bSVgiCZ3b-k9R6sUcbLIpHSgA4Pc8GOUGlgf-Qq8AsNv-uqNYdTz5-xRH1bumTa-M-zIfDeXU5-vvg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 05:34:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements2909.js Show response
cdn.doubleverify.com/ Frame 0374 558 KB
107 KB 64ms
64ms Script
application/javascript 2a02:26f0:ef:28a::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2909.js
Requested by: Host: www.44.ua
URL: https://www.44.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:28a::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 72dfaef614df4137b3c5b799d4ffa258054f84301c55ab8b4458a6253cf5ba09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 05:34:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Jul 2022 11:35:54 GMT
Server: Microsoft-IIS/10.0
ETag: "0c98b6ac96d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109134

GET
H3 200 x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DD2 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=2784113653&adf=2319043556&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1657776887&rafmt=2&psa=0&format=1200x90&url=https%3A%2F%2Fwww.44.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657776886936&bpp=4&bdt=889&idt=347&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=2665598371543&frm=20&pv=2&ga_vid=1666317256.1657776887&ga_sid=1657776887&ga_hid=28737867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068418%2C31064018&oid=2&pvsid=2099754429193601&tmod=620017532&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LHTuat7hYs&p=https%3A//www.44.ua&dtd=364

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:59:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 18:59:32 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 0374 1008 B
858 B 343ms
61ms Script
text/javascript 213.254.244.108
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=228&ttfrms=22&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5Dcc%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5Dcc%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=356&ddur=362&uid=1657776888689291&jsCallback=dvCallback_1657776888689301&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2909&tgjsver=2909&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1997604921077896%26output%3Dhtml%26h%3D600%26slotname%3D6545110057%26adk%3D1210871976%26adf%3D3838452572%26pi%3Dt.ma~as.6545110057%26w%3D380%26lmt%3D1657776887%26psa%3D0%26format%3D380x600%26url%3Dhttps%253A%252F%252Fwww.44.ua%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1657776886948%26bpp%3D1%26bdt%3D902%26idt%3D385%26shv%3Dr20220707%26mjsv%3Dm202207110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D1200x90%252C0x0%252C1200x90%26nras%3D1%26correlator%3D2665598371543%26frm%3D20%26pv%3D1%26ga_vid%3D1666317256.1657776887%26ga_sid%3D1657776887%26ga_hid%3D28737867%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1210%26ady%3D3876%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31068418%252C31064018%26oid%3D2%26pvsid%3D2099754429193601%26tmod%3D620017532%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeEbr%257C%26abl%3DCA%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3DmnRv8EnCZH%26p%3Dhttps%253A%2F%2Fwww.44.ua%26dtd%3D387&fcifrms=6&brh=2&sdf=2&dvp_epl=218&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=26918589&sid=443002&plc=337292478&crt=172072798&btreg=529221447&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=415698364113.60046&dvp_tukv=182341881964.35178&dvp_uuid=1387961671066.6882&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1304276611569
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2909.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: b123cce3b3cce10d51d33aa301fbcae1a60c56ff5d94cc099b487bbd350a16e9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jul 2022 05:34:48 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 07/13/2022 05:34:49

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 79ms
78ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=28737867&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.44.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Banner%20Place&ea=View&el=stretching_1_site&_u=aHDAgEABAAAAAE~&jid=&gjid=&cid=1666317256.1657776887&tid=UA-8955215-58&_gid=1198238711.1657776887&gtm=2wg7d05PBKBDZ&cd3=1666317256.1657776887&cd4=1657776888881.fups13n2&cd5=2022-07-14T05%3A34%3A48.881%2B00%3A00&cd7=Yes&z=575028116

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 00:08:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19559
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 72ms
71ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=28737867&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.44.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Banner%20Place&ea=View&el=block_1_site&_u=aHDAgEABAAAAAE~&jid=&gjid=&cid=1666317256.1657776887&tid=UA-8955215-58&_gid=1198238711.1657776887&gtm=2wg7d05PBKBDZ&cd3=1666317256.1657776887&cd4=1657776888890.xd2amx8a&cd5=2022-07-14T05%3A34%3A48.890%2B00%3A00&cd7=Yes&z=1651448181

Requested by

Host: www.44.ua
URL: https://www.44.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.44.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 00:08:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19559
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E8B8 42 B
64 B 204ms
91ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuE9Cq0ZxZ-9iQ5oP-fQP1EPhT2Gf4d_sZqPQ3F6TRIKcWzZdmzLkGtgHzM2bttLSz2gl8_EcdV7qchmIRW1tPjfH8JzPxhBk2Yz4F2BjH6xz2vCiiXEVZhDKVYxw0XLeSuVePOoqez30TQ8g_dk7XewECVI4e-xPgZwyBiA6F7cWib11M8_8qjx1ADwQRHb1pKQxWcd2kRN0B5tY4x9IVXw6xk410A2RokCrn7PDEYHehKl87Y7XatPPkNkRO2LZHx791ARZr-Yyqc6ByO2p9uQ8akQm1b6wS-PwarnsAWl88F6QnCPLfvMTvmNjayIejrDvqqtDK3Dm52UFpqu9mSpDaF3lQPzuebZkfD2SM3YLt38MO5MRj_8P2UG__iXqexiVCIkzzAVWJgwyIwllZB5-icOg0hLIZqp0qYmuE3bxHz-3fF-8hOlg6LmIV0qe4KexBnKS-2GVfUXrdZXPyBUrpCQgfPapGPeRD0RbbdVrPdo6HVJ_ECWCvrBbeiUcDu4DxC4kUU1UzR5hyTYghnhHN8Osd8LPBmOxo_9vzk1ueBtjHjzDQ-p_KtYJPcKohpfYJp3q9vtKlcRI4DdDSDpkCZXilsqzORbGDRbmA-uwjBJohLljiqhTo1M34yqk07f0uAamiE_NA7Zc0OmWvIXJHSOFzzgx-95y_nM4zcohswTHhYQz5Dns2wI514Nyq8hF5nEoxOM-LB5Fl56qicRWlv6E7Sx-pPXR3Huedmxpo2o4bfriU5q7YFLthh-iAe1ktOsbXQsYwvvvxJsRua-GNYhHsde5IZOB5JZrIpR0_VHzkWK6NKkP2RdaWw8WH9HzE3XVsn16KTaFsw2dkWZOgScVM3n-iD3Rg2EO0D9qVIBZbTTx3Wk3soYslHINjZGQskwPfscZnHFtEKilyttzZscWXv1LLPzrsusHFGYzp6-cn8E-TPR4mPH2LhOrrcSzF2ru2ORdXUqML27PaP98oGP2Hgw0XwdAzxnNYdOw&sai=AMfl-YSBDYrvHauTOVb4wg1kKO0D3PNg7uZGFb736gpuljnVOpNKaeuV9pQ9bFRr3JC_C4vfwTarF1EiP-jMYr5kt8ehcB6iEQn7lA&sig=Cg0ArKJSzKcznVA35oXjEAE&id=lidar2&mcvt=1000&p=0,236,90,964&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2784113653&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657776887301&rpt=920&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 05:34:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 0374 0
258 B 183ms
65ms Ping
text/plain 213.254.244.108
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=6e0364cec6784481849ce82e4a69f024&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=344&eoid=11&msrjs=2909&sdf=2&vit=2&isvelg=1&rmi=16&tltms=362&tetms=8&msltms=188&vltms=344&sei=290&vetms=5&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=28&isumms=28&nvr=2&elmtp=1&isbxdms=2429&b0=2504&adhgt=600&adwdth=300&norwdth=300&norhgt=600&dvp_vsosnmr=1&lftb=2504&sftb=2504&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=27&dvp_dpr=1&ttfurm=3369&cbust=1657776892039137
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2909.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.108 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Thu, 14 Jul 2022 05:34:52 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 07/13/2022 05:34:52

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 172ms
60ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HVMDDH6B1F&gtm=2oe7d0&_p=28737867&_z=ccd.v9B&cid=1666317256.1657776887&ul=en-us&sr=1600x1200&sid=1657776887&sct=1&seg=1&dl=https%3A%2F%2Fwww.44.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9A%D0%B8%D1%94%D0%B2%D0%B0%2044.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVMDDH6B1F&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.44.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 05:34:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.44.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.44.ua
URL: https://s.44.ua/img/section/newsIcon/subdir/card/is/2/24123fd3-33bb-4138-ad70-736f726661d4_62ceec1fa459c.jpg

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=26918589;s.a=443002;p.a=337292478;a.a=529221447;cache=140525659;

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.44.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: 24005519b40eaa474129e10bfeb4e3d1
.44.ua/	1970-01-27 11:48:48	Name: _fz_uniq Value: 6376722757604547830
.44.ua/	1970-01-27 11:48:48	Name: _fz_fvdt Value: 1657776886
.44.ua/	1970-01-20 04:29:38	Name: _fz_ssn Value: 1657776886756379592
.yadro.ru/	1970-01-20 13:14:42	Name: FTID Value: 1Ypwhs3-_6OM1Ypwhs0038YM
.mql5.com/	1970-01-23 20:02:50	Name: _fz_uniq Value: 6376722757604547830
.44.ua/	1970-01-20 04:31:03	Name: _gid Value: GA1.2.1198238711.1657776887
.44.ua/	1970-01-20 04:29:36	Name: _dc_gtm_UA-8955215-58 Value: 1
.yadro.ru/	1970-01-20 13:14:42	Name: VID Value: 3Wgyzx3ZZG8M1Ypwht003Pk7
.44.ua/	1970-01-20 06:39:12	Name: _fbp Value: fb.1.1657776887344.623250519
.44.ua/	1970-01-20 13:51:12	Name: __gads Value: ID=222d4582b7846b41-22d32862cdcd0043:T=1657776887:RT=1657776887:S=ALNI_MYfSdaVES-9gT6Is6CPT_40tTjesg
.doubleclick.net/	1970-01-20 13:51:12	Name: IDE Value: AHWqTUlzPmIcVbmx49S8qZ0WY9Xzy1fMWkvHzMPSvf5xqYuvQG8tUegdp6z8dusyRuk
.doubleclick.net/	1970-01-20 04:29:40	Name: DSID Value: NO_DATA
.44.ua/	1970-01-20 22:00:48	Name: _ga Value: GA1.2.1666317256.1657776887
.44.ua/	1970-01-20 22:00:48	Name: _ga_HVMDDH6B1F Value: GS1.1.1657776887.1.1.1657776888.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012206162023000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=26918589;s.a=443002;p.a=337292478;a.a=529221447;cache=140525659; Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

44.ua
ad.atdmt.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
animate.adobe.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.sendpulse.com
connect.facebook.net
content.mql5.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
p4-byln4qkgk7i6g-s2acxyapprxycpvc-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s.44.ua
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
www.44.ua
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
ad.atdmt.com
s.44.ua
142.250.185.194
142.250.185.227
172.217.16.194
2001:4860:4802:34::36
213.254.244.108
2606:4700:3037::6815:3381
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9b
2a02:26f0:480:9::210:ee09
2a02:26f0:ef:28a::4469
2a02:6ea0:c700::10
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
78.140.180.86
88.212.202.52
02b0798c308331f385923c5c50f8faff3c5d3a4ed7abd34ebe201695557e5b18
05f4bcca4ab7f481dc128f5f7cfbb7e3362f080ec41856d46dc937e62a3c528e
0e186bbc06b96cb2d5174b6d75cdda04f9cfc8d150a1fe2b6e35d711cac530e1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1de6bde192b8ef66858ff9604bac923ef64e98941e3a378864e43030097fba1d
1e9337be81ff7e26deab9cfcf8e82735e17251bcb74ece6c802865b7bd5e97f2
1f45ec49ef8ba141166495912187578b9fd5b0a8e09f26ad217a51aa03d9e8c4
2049265d41ff8d1d889b6a7c84b58f0ebb67409484ec72d501074ab7a10643e0
206bc1426917dc07b0ff430cda7ee9b7bc5a7159476d5b0352f7b1cec58652c4
217f23a918fb509b032f5ae12f5f6e978a68b51ab28db90ecbe2424bafdf5c8c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2657405e3e91a0f5d6490e8fe419c8f98e2437caca46a0c257563f11aefa3824
28de6798a356be73f715a4bf87b6f0c30d66c0e52d08c4196d5e6049bdebd202
2ba7b6a35f769d7b198539c87a6c5949901bb5e58ee67097c90f08049e0fd0a3
2c745af997994c9f9f50aa0b625c00e41b303fee332b4a9f1a4266e3aa4e3d83
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30f58f9a8e5dc91d465af6ec04f40d4c79156c3014c39f0268395d3390414bf6
3159d6194db62f9ea9b695cfc1706835444bfb47f6830a96daa753ae8aaf2459
323d682f4b687b70141bc8af259298b5835f090e712fbdc107ebbe2d5656e0db
3246cdfb31e93111d281a7510e7ef7221db858242eb2edf47628fe702a6ee130
337f7e7cc2848c9c41bc68cc0ee67c832ff4c832f9d36419a4d9cbe6d6ac6e23
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
38c4dcf397adf03f512c5d496b577d34940011df4b7b0630711ac879fef501e2
3a44602c24b89885202fa9380b0b2794529f2fc070842f4256fa2e02d3f2e153
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3ccda9c9480b41d37a1cdbfafa79c8d421e48d7d83aff61e8bfee8ad4fe19dff
3d4ed36f5cef56c64782ff670ac22553f6f109b1e3d23b13b6a5798d5460dc42
41ef120f49351ad737d0db29e670ff593e49d1252b88effd8ceb4acfcdce5a9e
438ef487da125c46dc8efa9dafc43982ed7869559aac4ed4342fd67bd49a8829
494cc4d27936c91c48353be457ed030343972639adfa86d24c794d65da9d9c49
4a0fff5ec2635b9419ca44bd62219247261a4e2de154186aeaa69b71a033b973
4cf87b6154014c6e1f85744ca77b88b2b56c4a10cc32713562bb4605d31e0f73
50289505063ac8a641ec6812be11d8d6297c6df32ff49c590cde10b67f4508d6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ea5fd8c595c2f314dbb86478f09abd3e2467f701da75fc624fd28627cd9dbc
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
59640c1c4b3c56c15664901632f04ba3cc5b8db05eb243c0d700627c5501912a
597271d2c55c2156b22f695a024d9aea1f6e93e7650bc788861ccaf4d3e30f0c
59d448078f834cd81b002a6e12409909f5715e1945d035b4833b62b9834cce2f
5b5885acd411837d915782c7f7a9ecb4d467d459af71e0a075fd2cbdba3ad4f7
5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72
5fc6b1237b3289e82df0dce30c0ec9d62a016d571aebd51149f1741b55271704
6088e1e4c947d8629864ebef4328c11cd9cb780cfe8d4024e82e7b90a9f02c4c
61eca17309586ff4b8a5463713a06052de061009c9ce335941e330a98b950060
6618b9e896668a4f31412b7be6751c198a88b157fc056d4932e41e7f6d38acf6
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6f19d142ecba97aa37337021c3f4a71930c8e3672a927f0ead5b93d8994c2259
6f78db6806eeeeec2e31f2b92195a2aa4036cde62ebdef69e9f9a3ebccb53676
71633585230bd812eaa7f112f9827919e39e2e1a37d2e8a1ad6407848ebc4961
71b945c94773a645902a982a754c6686a8ffa4bab8c70d49b84f703442db0906
72dfaef614df4137b3c5b799d4ffa258054f84301c55ab8b4458a6253cf5ba09
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
75a550a4a58f5b900904cfe71c903342008240e73511c8f42865d5f9c57bd6e0
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
826447e87f27f823f9fb354c1d49f74015905795dec1aa558945747b41af87ef
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8493d3ea0490c0c454974ab1c88637376f5c17797fd272d55e1eca101926d56c
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b31b9f381a897be3ba2e1dd434793d1c5cdf03085f2bf6191f4aa1fba60b439
8db4db356541300d59ef29e42aada4010825fcc3dee28402411ceb12989f83b7
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
9127df7bc100bed74cbfd58a7a8b1568fb65a4543578fc4fcfcb3cadba1897dc
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
99742b8411e42aaee2ffd3598e4283ca310c23c9200339eb8bfea9622583ccde
9a87766e276124c5d72e15580ebcf9e5b78fe277d09bce31a14115ee8e3f36b4
9f9b4199873c133ab4de4be81d0c3ea11b0d20ce9c9ddf43cb0bd3e1ac464670
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5646c32757629240fd5946ac6d688e6632f5283f7499a03f1cd5268ad237442
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
aa918bed81203596fbe80feb28bdb736c2677fe46d1f051c254febb136f70e0e
ad7b38d9f963e0eb028bda9b8394ccd0077fc06bf69fe02675943b2f9ff0e555
af631fde073e096f8aaca810104e57f9cc59c46981a696df6684f1f96bb1ee40
b068dc04b141b2f04b2efd1bd2afbb373f3789e58b3c06e9952cba16dc59c04f
b123cce3b3cce10d51d33aa301fbcae1a60c56ff5d94cc099b487bbd350a16e9
b1a659307f7b2225025cdfd50cb419f7217dfe64572fd6290d316b296c0eb06a
b5002141a8fe1d45546aeb0be6ac46a37d2afc8dc41be1281268278f2668500b
b5496c6b6ebec55ff94e2ddeff3dd8e7c518421643ea4d95a8a3059960856015
bce5e5252e3c3f5ffc4ac5985a03e77608746d716cb35648465da868a039e337
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
c227f98d208a46180b3619835a1dd967cf39c0fc9306eb5c880695652c7ac5e5
c3aa2484855e4c36892f02a050cfc4c458d428bf8583629ed07fde8aca48876a
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cccc477b9782afbd0c1ef17e5c0977aa35a241edee2dde6e36d34ee05db4239b
d24e7a296ed8139cffaca96a74674e27f8facd2b8be4054a39082f2aa4946ca1
d52910beb501454ff44a01dba06b460f22fb48a966fcc1e4a65094a4bd002b36
dc6a25c67652e0c543e6726ef605bb3a842a42f483bca64d315c9affa8d3cbdf
dc8c0370988b3fed60f055b81c63de32cf38f85c18b440f508e0003e9f183aff
e1c8d54957ff6a1f63bedddff024ecea66ed153858d731d30a6acf6a33419ca0
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5e22e8acea811b462c808c477994f434db1e6792a0283bf04c0a7c4d70c5211
e6eb3a25628db6c4ff312e844c507e98f7edc044f6fb10459c5b4b943c23156f
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7f00fab71c94670bf0e8897eef7100a1411c9ef79356fdb82b20037c86a7e2c
e7f1b1992c4b8ebd986428001b2fd1e5b8662408881109b52c8544687b341e51
ea5578877a699946a433f7636864f26585fc5ed65e6c0e405ea4c7f74f745016
ed8e2ccc16aa259680fec1ec485c202eb5bf07f9815efa46ee86ad6da87b5846
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fad1cd6e0b6aca7485ae11bb375478e82da4b89389c5da4ae915b5778fed2c1c
fc4ace59b8dc8814662d992e103ae0252fd193ace1f8fe7ed1597c2ea953eb77
fdf544df1b3f5ce13216c6bf87984566f7bc6c0a6016458234598e9ae598e039

www.44.ua Open in urlscan Pro 2606:4700:3037::6815:3381 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

98 %HTTPS

79 %IPv6

21 Domains

33 Subdomains

29 IPs

6 Countries

2889 kBTransfer

6991 kBSize

15 Cookies

14 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.44.ua Open in urlscan Pro
2606:4700:3037::6815:3381 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

98 %
HTTPS

79 %
IPv6

21
Domains

33
Subdomains

29
IPs

6
Countries

2889 kB
Transfer

6991 kB
Size

15
Cookies

137 HTTP transactions
3 data transactions