tv.ua Open in urlscan Pro
143.204.215.83 Public Scan

Software

cafe /

Resource Hash

9e0fe0cda29178ceb8c70129ebf6abd10ea3867a67d2a2fd3843fdedc9e7799b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ae/adsid/ 107 B
792 B 182ms
52ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ae/adsid/integrator.js?domain=tv.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 03:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 140ms
47ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tv.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 03:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftv.ua%2F&tn=NAV&cls=top-navbar%20navbar%20navbar-expand-lg%20navbar-light%20fixed-top%20kids_pattern%20justify-content-between%20justify-content-lg-center%20align-items-end%20py-1&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E1FC 0
19 B 206ms
127ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1656388208&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftv.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656388207780&bpp=4&bdt=631&idt=445&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6582773966095&frm=20&pv=2&ga_vid=1306616285.1656388208&ga_sid=1656388208&ga_hid=790142225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068226%2C42531607&oid=2&pvsid=2416610305812654&tmod=121713574&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=480

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 03:50:08 GMT
expires: Tue, 28 Jun 2022 03:50:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 145ms
50ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202832543530482&ev=fb_page_view&dl=https%3A%2F%2Ftv.ua%2F&rl=&if=false&ts=1656388208282&sw=1600&sh=1200&at=

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 28 Jun 2022 03:50:08 GMT

GET
H/1.1 204
No Content s Show response
h.holder.com.ua/ 0
126 B 245ms
64ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&b7555&c1&r1883058&dholder1157357512&hhttps%3A//tv.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 03:50:08 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5

GET
H/1.1 400
Bad Request s
h.holder.com.ua/ 0
0 246ms
66ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&bholder_300x50_5946&c1&r1883058&dholder1328428529&hhttps%3A//tv.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 03:50:08 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H/1.1 204
No Content s Show response
h.holder.com.ua/ 0
126 B 245ms
65ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&b7621&c1&r1883058&dholder1196642462&hhttps%3A//tv.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 03:50:08 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5

GET
H/1.1 400
Bad Request s
h.holder.com.ua/ 0
0 246ms
66ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&bholder_300x100_5577&c1&r1883058&dholder1503712054&hhttps%3A//tv.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 03:50:08 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H/1.1 200
OK widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html Show response
platform.twitter.com/widgets/ Frame 4C33 319 KB
104 KB 29ms
28ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Ftv.ua
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/635C) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://tv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 291526
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 03:50:08 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Jun 2022 18:01:40 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (lhb/635C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1656388208344/
Redirect Chain

https://gaua.hit.gemius.pl/_1656388208344/rexdot.js?l=100&id=ApuaBuc7o8JqFiyEF.7AI5YTrkKFFOb0NQpXe2s8CCD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ftv.ua%2F&re...
https://gaua.hit.gemius.pl/__/_1656388208344/rexdot.js?l=100&id=ApuaBuc7o8JqFiyEF.7AI5YTrkKFFOb0NQpXe2s8CCD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ftv.ua%2F...

169 B
425 B

62ms
56ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1656388208344/rexdot.js?l=100&id=ApuaBuc7o8JqFiyEF.7AI5YTrkKFFOb0NQpXe2s8CCD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ftv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=CB3Vc_QVjb7emJVhsU0NVMbJIT5Cals9MS1WWuRW95T.d7myHqr4fEQNXMpy_1blp57zKOvtiM1Esie8AadWxpEu4jm_/bCvxfgNtlReTR/&ltime=606&fpdata=224gl6ffF6QOLlfqlnnzmH9pa.ImlxY6jtlzxp_cWZr.t7&fpcap=
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: fc365731d094eef1cf88ec1ec14f04e421748d08fef7c3c5a0bccc427c5c23e9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:08 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Mon, 27 Jun 2022 03:50:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:08 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1656388208344/rexdot.js?l=100&id=ApuaBuc7o8JqFiyEF.7AI5YTrkKFFOb0NQpXe2s8CCD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ftv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=CB3Vc_QVjb7emJVhsU0NVMbJIT5Cals9MS1WWuRW95T.d7myHqr4fEQNXMpy_1blp57zKOvtiM1Esie8AadWxpEu4jm_/bCvxfgNtlReTR/&ltime=606&fpdata=224gl6ffF6QOLlfqlnnzmH9pa.ImlxY6jtlzxp_cWZr.t7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 27 Jun 2022 03:50:08 GMT

POST
H2 200 z Show response
s.znctrack.net/ Frame CF36 50 KB
23 KB 288ms
135ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: a395b5065f26e8b3696eb2f5fc4b5771241fa7f2d007ebd549ea9fcea22dfcac

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23396
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7F00 88 KB
30 KB 310ms
304ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1146455749&adk=815747106&adf=1858674414&pi=t.ma~as.1146455749&w=300&lmt=1656388208&psa=0&format=300x600&url=https%3A%2F%2Ftv.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656388207849&bpp=3&bdt=700&idt=499&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6582773966095&frm=20&pv=1&ga_vid=1306616285.1656388208&ga_sid=1656388208&ga_hid=790142225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068226%2C42531607&oid=2&pvsid=2416610305812654&tmod=2011206139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FzlwXYn21S&p=https%3A//tv.ua&dtd=507

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94807a5e280cbe70ff441ca1ebce8e66ecfc591863d8514ad8c70087ad968bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30970
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 03:50:08 GMT
expires: Tue, 28 Jun 2022 03:50:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame 43DE
Redirect Chain

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df162...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

175ms
126ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df162d731e201194%2526domain%253Dtv.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftv.ua%25252Ff9cdf45f2437%2526relation%253Dparent.parent%26container_width%3D0%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftv.ua.group%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=3bf42332341219bc9cad45c06ed24896

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 28 Jun 2022 03:50:08 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: g6vWD5ZHF4ecQ2NRylLv5e9sT83czJfhpX3u/96alM67/4Reihz46nGPP+/Eaf1lv8lAAmNC8XXRH1AOB/1nPQ==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 28 Jun 2022 03:50:08 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v7.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df162d731e201194%2526domain%253Dtv.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftv.ua%25252Ff9cdf45f2437%2526relation%253Dparent.parent%26container_width%3D0%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftv.ua.group%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: F3eosLQNTureztDWeXYbrz2httu/yZpbBr5KL42/Uc4yoW8JEQmaKTk+C4RxYkd2EpVChOymgWh36zoOWzoWiw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 400 / Show response
graph.facebook.com/ 287 B
235 B 114ms
58ms XHR
application/json 2a03:2880:f02d:110:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:110:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f72317c9b2e1c499579e74a11c71cc33c2d3ecbe499fe06851c4f61432965ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: */*
Referer: https://tv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "Unsupported get request. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api"
x-fb-rev: 1005758523
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: dPclhseWu3qJLlmmvJ3padEfs56WDMefpTgwnV1rCuiXv11Vy9TNbRN/dxnaJJ1JY6tV9uGcTH+wULvUflS38Q==
x-fb-trace-id: FHXCHtpa5BR
date: Tue, 28 Jun 2022 03:50:08 GMT
vary: Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AZkyL2tosCbevDQoA4_SDe-
cache-control: no-store
facebook-api-version: v7.0
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 display-views Show response
api.phnx.click/articles/stat/ 514 B
450 B 305ms
157ms XHR
application/json 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/articles/stat/display-views?cid=12&site=tv&aid=847148&0.10755729447010753
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ecaadbf6692f8268b1a1980d4664485726bc8b6554e2094d07bb7a6385cf3a04

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://tv.ua
date: Tue, 28 Jun 2022 03:50:36 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D99 91 KB
32 KB 295ms
295ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=180&slotname=4083251131&adk=377072595&adf=911469249&pi=t.ma~as.4083251131&w=960&lmt=1656388208&psa=0&format=960x180&url=https%3A%2F%2Ftv.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656388207855&bpp=2&bdt=706&idt=570&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6582773966095&frm=20&pv=1&ga_vid=1306616285.1656388208&ga_sid=1656388208&ga_hid=790142225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068226%2C42531607&oid=2&pvsid=2416610305812654&tmod=2011206139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nybKpn5Cg3&p=https%3A//tv.ua&dtd=584

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6be7d4264bd88f1303892f3e892e6840d88b298cf12c5a0a2dae7591a52e2977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33075
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 03:50:08 GMT
expires: Tue, 28 Jun 2022 03:50:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tv.ua.1289914.es6.js Show response
jsc.mgid.com/t/v/ 254 KB
74 KB 116ms
78ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/v/tv.ua.1289914.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/v/tv.ua.1289914.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1b94d7f851e8ebf83b5c7c95708380e67988cb48fc2048df1fb0d9bd1f0dad9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 5RZ9VBPVV3P51AX5
cf-polished: origSize=260576
cf-ray: 722374df6be20075-LHR
last-modified: Wed, 15 Jun 2022 13:38:46 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: U6nMucgJJIPD4Nfkwz5G86KEkhehCnLos+WMWm9yUs9wtnQylBxV5LgeZ6mXu5XP04rtj2zJk4I=
cf-bgj: minify
server: cloudflare
etag: W/"28279b3b0d22c1aef2d47fa8e90d52d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 3RjstAKlax7CTQsfcN_iknVAUJzQXEss
cache-control: public, max-age=10800
content-type: text/javascript
expires: Tue, 28 Jun 2022 06:50:08 GMT

GET
H2 200 swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 15 KB
5 KB 95ms
37ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1561&height=300&width=400&tld=tv.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19159512
fly-request-id: 01FMS6YMNS3M0PK361CWPXFMPT
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 722374df8c247443-LHR

GET
H2 200 achernar.min.js Show response
ad.mox.tv/js/achernar/ 11 KB
4 KB 38ms
37ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/achernar.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1561&height=300&width=400&tld=tv.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 14:47:09 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6213a5ed-2b1e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 28 Jun 2022 04:50:08 GMT

GET
H2 200 prebid.js Show response
ad.mox.tv/js/achernar/ 266 KB
82 KB 66ms
65ms Script
application/javascript 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/prebid.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1561&height=300&width=400&tld=tv.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 78f755249da2fa29690828464594f09814fc9a3d73cd197df9e146da64efa4fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
content-encoding: gzip
last-modified: Mon, 27 Jun 2022 07:46:03 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62b9603b-429d0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 28 Jun 2022 04:50:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 160ms
44ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1561&height=300&width=400&tld=tv.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bbe48c48d1067fe936217c7382d03187deffb90ecdbfa6f92ddf6cd9827e762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28128
x-xss-protection: 0
server: sffe
etag: "1257 / 476 of 1000 / last-modified: 1656367539"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Jun 2022 03:50:08 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@7.3.0/ 132 KB
38 KB 94ms
40ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1561&height=300&width=400&tld=tv.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19159657
fly-request-id: 01FMS6T6DHW02K514WB9G767ZW
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 722374df8c257443-LHR

GET
H2 200 mwayss_invocation.min.css
ad.mox.tv/mox/ 3 KB
850 B 95ms
87ms Stylesheet
text/css 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1561&height=300&width=400&tld=tv.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 35 B
372 B 152ms
43ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 magic.png
bgstats.mox.tv/ 0
66 B 139ms
34ms Image
image/png 167.71.9.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgstats.mox.tv/magic.png
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 0
content-type: image/png

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=d4872eb0-639e-43ad-a24c-4b3b3656d89b&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=d4872eb0-639e-43ad-a24c-4b3b3656d89b&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=57b400de-c89f-4de5-86b5-f59215e66b8a&ssp=prodoohmox&gdpr=0&gdpr_consent=

43 B
356 B

99ms
38ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=57b400de-c89f-4de5-86b5-f59215e66b8a&ssp=prodoohmox&gdpr=0&gdpr_consent=
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:09 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=57b400de-c89f-4de5-86b5-f59215e66b8a&ssp=prodoohmox&gdpr=0&gdpr_consent=
Date: Tue, 28 Jun 2022 03:50:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame 7516 34 B
236 B 56ms
50ms Script
text/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 23b7d769410d4b6912aeb0f54ad0626d13b6b5362110336702a06ed251620267

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:08 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b21
cache-control: private, max-age=315360000
expires: Fri, 25 Jun 2032 06:50:08 +0300

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4C33 512 B
521 B 206ms
135ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=0832615119b9044b3896f1a81df4121f687bad29

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Ftv.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

a15f95e938fbfd9ffef12a20682cdb3eebc3cfefa4843ceab38d0ff1a612cbda

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 28 Jun 2022 03:50:08 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 03:50:08 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 6ce1bbb1dfd60405e56e41dc256eba4014d7de683a1f139cf594439e1f379ee1
content-length: 241

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 222 B
675 B 136ms
40ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=2357869446209244&cpv=d4ab2688-7b3c-dd81-d2f1-0cd2fc6926ab&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22aea756a3-c9b3-7106-bb15-f5b8890babf7%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftv.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22b38e9d03-4cda-52ec-af0d-8ca0acad389e%22%2C%22tagid%22%3A%22e10cdb66-efd5-4166-8e00-60ccf065030c%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1828633601%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

698c9e3972ae8081edb33d65dd8498d0d37e60473e86e3c85bf41f8b1455fda9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 03:50:08 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 202
X-Xss-Protection: 0

GET
H2 200 iframe.htm Show response
go.rcvlink.com/static/ Frame 8A90 17 KB
7 KB 48ms
48ms Document
text/html 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/static/iframe.htm
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b5d759ff9d75be634664fc1ae80f63318195ad6e7e40c0df9fd9e3e0ba43be

Request headers

Referer: https://tv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 28 Jun 2022 03:50:08 GMT
etag: W/"623db510-4430"
expires: Wed, 29 Jun 2022 03:50:08 GMT
last-modified: Fri, 25 Mar 2022 12:26:56 GMT
server: nginx

GET
H2 204 /
loadercdn.net/ 0
170 B 475ms
324ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=633128c6cb379ac1&d=tv.ua
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Jun 2022 03:50:09 GMT
server: openresty

GET
H2 200 css
fonts.googleapis.com/ Frame 7F00 8 KB
1 KB 135ms
46ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1146455749&adk=815747106&adf=1858674414&pi=t.ma~as.1146455749&w=300&lmt=1656388208&psa=0&format=300x600&url=https%3A%2F%2Ftv.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656388207849&bpp=3&bdt=700&idt=499&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6582773966095&frm=20&pv=1&ga_vid=1306616285.1656388208&ga_sid=1656388208&ga_hid=790142225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068226%2C42531607&oid=2&pvsid=2416610305812654&tmod=2011206139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FzlwXYn21S&p=https%3A//tv.ua&dtd=507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 01:54:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Jun 2022 03:50:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jun 2022 03:50:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 7F00 2 KB
983 B 196ms
90ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 03:07:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/ Frame 7F00 21 KB
9 KB 153ms
48ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 02:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 02:31:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 7F00 3 KB
1 KB 158ms
91ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 03:46:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F00 138 KB
42 KB 2136ms
2057ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 03:50:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 7F00 17 KB
7 KB 155ms
50ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 03:08:16 GMT

GET
H2 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame 7F00 31 KB
13 KB 91ms
37ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 00:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 00:04:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 00:44:38 GMT

GET
H2 200 fa287546e1d5bd0678894d5c227e456c.js Show response
www.gstatic.com/mysidia/ Frame 8D99 10 KB
4 KB 136ms
50ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=180&slotname=4083251131&adk=377072595&adf=911469249&pi=t.ma~as.4083251131&w=960&lmt=1656388208&psa=0&format=960x180&url=https%3A%2F%2Ftv.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656388207855&bpp=2&bdt=706&idt=570&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6582773966095&frm=20&pv=1&ga_vid=1306616285.1656388208&ga_sid=1656388208&ga_hid=790142225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068226%2C42531607&oid=2&pvsid=2416610305812654&tmod=2011206139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nybKpn5Cg3&p=https%3A//tv.ua&dtd=584

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 00:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4351
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 18:51:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 00:38:51 GMT

GET
H2 200 db2e47a9a3671f527cf86ca9ac22fc67.js Show response
www.gstatic.com/mysidia/ Frame 8D99 10 KB
4 KB 144ms
58ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db2e47a9a3671f527cf86ca9ac22fc67.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 04:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4277
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 18:51:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 04:33:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8D99 5 KB
740 B 131ms
50ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 01:52:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Jun 2022 03:50:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jun 2022 03:50:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 8D99 2 KB
902 B 129ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 03:07:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/ Frame 8D99 21 KB
9 KB 150ms
52ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 02:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 02:31:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 8D99 3 KB
1 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 03:46:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D99 138 KB
42 KB 195ms
125ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 03:50:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 8D99 17 KB
7 KB 182ms
85ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 03:08:16 GMT

GET
H3 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame 8D99 31 KB
13 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 00:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 00:04:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 00:44:38 GMT

GET
H2 200 pubads_impl_2022062201.js Show response
securepubads.g.doubleclick.net/gpt/ 373 KB
127 KB 142ms
35ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ad79f8595bd0e292ee596db63d06f80e8a3ec4a6cf84621a4d2af673562a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129224
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 08:35:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 27 Jun 2023 20:34:12 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 355 B
793 B 148ms
48ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tv.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98e78eefc96766d536bcd21fac2980b912fabbc0710228867d8e1688b3fd900f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
expires: Tue, 28 Jun 2022 03:50:09 GMT

GET
BLOB 200
OK 1ad3828f-0e0b-4577-9765-cc89cf0f6cb9
https://tv.ua/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tv.ua/1ad3828f-0e0b-4577-9765-cc89cf0f6cb9
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 1983d97e-9563-4064-b87f-a5c69c7b74c4
https://tv.ua/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tv.ua/1983d97e-9563-4064-b87f-a5c69c7b74c4
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7F00 0
0 60ms
59ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrP8gcHq6Yo-oGc2GtwepoaioB-ex3N9qy_enq4gQg5jFvooOEAEgxuCLeWCRdqABw7bInwPIAQGpAuFd5P5WRZI-qAMByAPLBKoEvwFP0FfgLXRGXlKh2d-OQyouuXrLmUbIuNg6uq6GtP8M4zKv_UCZJVtNZvDnUeC6oe4lujcF1i8FAEElLQuF9GW4Iv-g7e7MfnAI7oHZ7eAZgLQNod2V7ZGTTR8Se-Ow1VPH7_3O1bXTDwoWqFCKh24E-UsunyB5PBt213x7BtbsuwRC29dtgeHU4SMFHkY5qxJY77WJ1CsIzo7te55Eu1n5ODMK-b85KGkZM5uxRbaceLXoNtWmibLs6vzd47jsIcAE4didgPkDkgUECAQYAZIFBAgFGASgBi6AB6XY8XaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCioSDSCA8IgGEQARgfMgKKAjoCgECACgHICwG4E50n2BMC0BUBgBcBshccChoIABIUcHViLTM3NTU2NjIxOTczODYyNjkYAA&sigh=eKhSNbmYMXU&uach_m=[UACH]&template_id=5021

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1146455749&adk=815747106&adf=1858674414&pi=t.ma~as.1146455749&w=300&lmt=1656388208&psa=0&format=300x600&url=https%3A%2F%2Ftv.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656388207849&bpp=3&bdt=700&idt=499&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6582773966095&frm=20&pv=1&ga_vid=1306616285.1656388208&ga_sid=1656388208&ga_hid=790142225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068226%2C42531607&oid=2&pvsid=2416610305812654&tmod=2011206139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FzlwXYn21S&p=https%3A//tv.ua&dtd=507
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 28 Jun 2022 03:50:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Jun 2022 03:50:08 GMT

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/46506/ 28 KB
11 KB 113ms
109ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:20 GMT
server: nginx
etag: W/"62824274-702f"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:27 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/46506/ 42 KB
18 KB 125ms
119ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:21 GMT
server: nginx
etag: W/"62824275-a793"
vary: Accept-Encoding
x-cached-since: 2022-05-31T09:05:59+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 01 Jun 2023 09:05:59 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/46506/ 13 KB
5 KB 131ms
125ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:13 GMT
server: nginx
etag: W/"6282426d-326c"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:26 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/46506/ 11 KB
4 KB 114ms
109ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:12 GMT
server: nginx
etag: W/"6282426c-2a79"
vary: Accept-Encoding
x-cached-since: 2022-06-21T15:47:02+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 22 Jun 2023 15:47:02 GMT

GET
H2 200 5927ef40e4a80e0040be.b.js Show response
cdn.admixer.net/scripts3/46506/ 215 KB
74 KB 142ms
138ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:11 GMT
server: nginx
etag: W/"6282426b-35ac7"
vary: Accept-Encoding
x-cached-since: 2022-06-21T15:46:38+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 22 Jun 2023 15:46:38 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14149967276947626897/ Frame 7F00 1 KB
2 KB 135ms
96ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14149967276947626897/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a668c2e07fc2a804ec5631256ee709e5a9c32854d9f8fda9931bab5a22dc433d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 02:36:59 GMT
x-content-type-options: nosniff
age: 4390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1295
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 13:55:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Jun 2023 02:36:59 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7260351247326499459/ Frame 7F00 14 KB
14 KB 136ms
97ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7260351247326499459/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e51773506955ad9e96b6ac736a8ee61e96fca9fb12e04cdf2e471ff3cdb84b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 02:36:59 GMT
x-content-type-options: nosniff
age: 4390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14100
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 13:55:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Jun 2023 02:36:59 GMT

GET
DATA 200
OK truncated
/ Frame 7F00 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef63f866d442ee157ad79daefc4cd75b5860392ca24d6ada730ddcce854a9150

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7F00 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK moment~timeline.13f717990483d255b26e9b9bece28839.js Show response
platform.twitter.com/js/ 25 KB
8 KB 28ms
28ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.13f717990483d255b26e9b9bece28839.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/63DD) /
Resource Hash: c93668f5d8bf7d6665326012689d5c1f2c1014a08ed64c8a7b70ffb2aa580b39

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 03:50:09 GMT
Content-Encoding: gzip
Age: 291528
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 8083
x-tw-cdn: VZ
Last-Modified: Thu, 02 Jun 2022 18:01:33 GMT
Server: ECS (lhb/63DD)
Etag: "f2f3d20f0d708c491e5f8dbb19602809+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.4cc550bdaa7fb4e1f142f5a1c8056b58.js Show response
platform.twitter.com/js/ 21 KB
7 KB 61ms
27ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.4cc550bdaa7fb4e1f142f5a1c8056b58.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/62A3) /
Resource Hash: 00171d65487b6a8444c849d0d6eb5a2a537103f75f7abc05cc2746f1d758004b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 03:50:09 GMT
Content-Encoding: gzip
Age: 291526
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 6587
x-tw-cdn: VZ
Last-Modified: Thu, 02 Jun 2022 18:01:33 GMT
Server: ECS (lhb/62A3)
Etag: "c6b047985eecbcce5bbaead08a74c6bb+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 / Show response
go.rcvlink.com/bdto/VqTTH338Ot/ Frame 8A90 4 KB
2 KB 57ms
57ms XHR
application/json 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/VqTTH338Ot/?cache=tp3Y4tfVv2z60xw&ver=220325-1426&w=300&h=0&vw=1600&ms=1271.19&ref=https%3A%2F%2Ftv.ua%2F
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: c8964ac056debd6f0fea5ee8363227d653ddff0868db981a31197275908df208

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 03:50:09 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: *
hn: b29
cache-control: no-cache, no-store, no-transform, must-revalidate
content-type: application/json
expires: Tue, 28 Jun 2022 06:50:09 +0300

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8D99 0
0 57ms
55ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9IqkcHq6YofxHcO3twej7YCQBJKCy_FfgMCatqQIpY6T0ZIREAEgxuCLeWCRdqAB7sLKnQPIAQGpAuFd5P5WRZI-qAMByAPLBKoEyAFP0G3eecS0mIKqMagX7KbKuTwCs6nqc1SAn37oD7Y3jAcFFEG46RDi6nB27ECxfrlT2XxSJ0GuxfQUmVsSSw4ObLQlha5X0MkzcpyyIJWB5pKjjaGJGy2NJ8ZVHZd8clDX7iHBiFq2X4qYTwMAcQYwm19vrD8jACkmcakWNR9QjB-ahfFTzeVvTJ1X5_I_brOGg7KhF3f_SBIz3YC8zWtDpGL_mVi6aB9R0oxFiY4VDN5A46_81NHrpeQHmY2L3sy4NdYHOrk-S8AEwd2il_oBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB_q8tWKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDBmALSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=zdQSjhkZzes&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=180&slotname=4083251131&adk=377072595&adf=911469249&pi=t.ma~as.4083251131&w=960&lmt=1656388208&psa=0&format=960x180&url=https%3A%2F%2Ftv.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656388207855&bpp=2&bdt=706&idt=570&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6582773966095&frm=20&pv=1&ga_vid=1306616285.1656388208&ga_sid=1656388208&ga_hid=790142225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068226%2C42531607&oid=2&pvsid=2416610305812654&tmod=2011206139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nybKpn5Cg3&p=https%3A//tv.ua&dtd=584
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 28 Jun 2022 03:50:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A0EB 143 B
163 B 38ms
37ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=180&slotname=4083251131&adk=377072595&adf=911469249&pi=t.ma~as.4083251131&w=960&lmt=1656388208&psa=0&format=960x180&url=https%3A%2F%2Ftv.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656388207855&bpp=2&bdt=706&idt=570&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6582773966095&frm=20&pv=1&ga_vid=1306616285.1656388208&ga_sid=1656388208&ga_hid=790142225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068226%2C42531607&oid=2&pvsid=2416610305812654&tmod=2011206139&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=nybKpn5Cg3&p=https%3A//tv.ua&dtd=584
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 28 Jun 2022 03:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4fa0a4b4b34a13abefc36d1dc8305ceb
st11.rcvlink.com/2/304/ Frame 8A90 16 KB
16 KB 50ms
48ms Image
image/webp 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/4fa0a4b4b34a13abefc36d1dc8305ceb
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 66af5d85560f25b8857229580d11c023509c32793df28162eca34790f007ea48

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
last-modified: Fri, 03 Jun 2022 09:50:28 GMT
server: nginx
etag: "6299d964-1bf89"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 16508
expires: Mon, 26 Sep 2022 03:50:09 GMT

GET
H2 200 gt.svg
go.rcvlink.com/img/ Frame 8A90 219 B
428 B 95ms
94ms Image
image/svg+xml 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/img/gt.svg
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 56d1f1f3e5b1add4f774ea6c58dbb722abd040454ccc1cc1ce38e9fe98e9021d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
last-modified: Tue, 22 Jan 2019 19:51:29 GMT
server: nginx
etag: "5c477441-db"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 219
expires: Tue, 05 Jul 2022 03:50:09 GMT

GET
H2 200 logo160.png
go.rcvlink.com/img/ Frame 8A90 6 KB
6 KB 101ms
100ms Image
image/png 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/img/logo160.png
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
last-modified: Mon, 21 Jan 2019 15:07:51 GMT
server: nginx
etag: "5c45e047-1869"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6249
expires: Tue, 05 Jul 2022 03:50:09 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 179 KB
14 KB 313ms
209ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_tvua2016_old&dnt=false&domain=tv.ua&lang=ru&screen_name=tvua2016&suppress_response_codes=true&t=1840431&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

3731759d775061ee685956fcad7ac95e97ac0d2e833ab048e6b95f825ddc4e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=184
content-length: 13425
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 182
last-modified: Tue, 28 Jun 2022 03:50:09 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: ccf69029d8bdfa6fd6a2a7b93c0d3474a09e4d46ab92fc506f098cf25695cfa3
timing-allow-origin: *
x-transaction: b022bc6309d8f267
expires: Tue, 28 Jun 2022 03:55:09 GMT

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
495 B 40ms
40ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 28 Jun 2022 03:50:09 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://tv.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 167ms
52ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=tv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 124ms
46ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 429 B
263 B 325ms
247ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2416610305812654&correlator=915082567776307&eid=42531607&output=ldjh&gdfp_req=1&vrg=2022062201&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_tv.ua_S_WW_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=3286658341&sfv=1-0-38&ecs=20220628&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3Dd4689767ea4d0e0e-22689f44becd00eb%3AT%3D1656388208%3ART%3D1656388208%3AS%3DALNI_MahSo1I5bTjRHZP7SOhuMKxp6X6xA&gpic=UID%3D000007d8ed494adf%3AT%3D1656388208%3ART%3D1656388208%3AS%3DALNI_MbrSzb2M85QlGLLBGzKT68IMbrgzw&abxe=1&dt=1656388209428&lmt=1656388209&dlt=1656388207149&idt=2174&biw=1600&bih=1200&adxs=750&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ftv.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1306616285.1656388208&ga_sid=1656388208&ga_hid=790142225&ga_fc=true&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

192e904921e2c9deb2bdcf8358e93b6962ae0ef62b6b44eaa39a2290f8e1ea57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 439 B
263 B 313ms
236ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2416610305812654&correlator=915082567776307&eid=42531607&output=ldjh&gdfp_req=1&vrg=2022062201&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_tv.ua_S_WW_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=2280541246&sfv=1-0-38&ecs=20220628&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3Dd4689767ea4d0e0e-22689f44becd00eb%3AT%3D1656388208%3ART%3D1656388208%3AS%3DALNI_MahSo1I5bTjRHZP7SOhuMKxp6X6xA&gpic=UID%3D000007d8ed494adf%3AT%3D1656388208%3ART%3D1656388208%3AS%3DALNI_MbrSzb2M85QlGLLBGzKT68IMbrgzw&abxe=1&dt=1656388209436&lmt=1656388209&dlt=1656388207149&idt=2174&biw=1600&bih=1200&adxs=1650&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ftv.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1306616285.1656388208&ga_sid=1656388208&ga_hid=790142225&ga_fc=true&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

180acb52e133ae2630975f5dee2779aa65a49e49f708fcdc9caaded4cceb0834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 356ms
279ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2416610305812654&correlator=915082567776307&eid=42531607&output=ldjh&gdfp_req=1&vrg=2022062201&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Ctv.ua_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=1581253903&sfv=1-0-38&ecs=20220628&fsapi=false&prev_scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm82%26yb_tt%3Dtt4%26yb_ff%3D1%26yb_th%3D19%26yb_tm%3D50%26yb_wd%3D1&sc=1&cookie=ID%3Dd4689767ea4d0e0e-22689f44becd00eb%3AT%3D1656388208%3ART%3D1656388208%3AS%3DALNI_MahSo1I5bTjRHZP7SOhuMKxp6X6xA&gpic=UID%3D000007d8ed494adf%3AT%3D1656388208%3ART%3D1656388208%3AS%3DALNI_MbrSzb2M85QlGLLBGzKT68IMbrgzw&abxe=1&dt=1656388209441&lmt=1656388209&dlt=1656388207149&idt=2174&biw=1600&bih=1200&adxs=2550&adys=1208&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ftv.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1306616285.1656388208&ga_sid=1656388208&ga_hid=790142225&ga_fc=true&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fabf59ba79ca39ed7254ec87c9465842c0cb550f5c61275b59def73177c56e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F30 6 KB
4 KB 169ms
45ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 03:50:09 GMT
expires: Wed, 28 Jun 2023 03:50:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8D99 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02a7dbbfdf081b15bf7f9dd06e09127ec0fc08d686bfa449f14bccbf34e3792a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 z Show response
s.znctrack.net/ Frame 3A6C 102 B
444 B 67ms
66ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 5b3a7401795cbaa7dff62888508df766a8cc3830a904c64ea0665613da0cb92f

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://tv.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 8D99 44 KB
44 KB 122ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 56011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 12:16:38 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A0EB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

54ms
52ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Jun 2022 03:50:09 GMT
expires: Tue, 28 Jun 2022 03:50:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Jun 2022 03:50:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 189 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8f12aaae7f3a328a03432012870d1812cdc893c8ab6dbf9520db50090431ce1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 / Show response
c.mgid.com/pv/ 0
67 B 123ms
112ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1656388209648499579904&uniqId=0405d&lct=1655251200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Ftv.ua%2F&lu=https%3A%2F%2Ftv.ua%2F&sessionId=62ba7a72-0e587&pageView=1&pvid=181a86e4bf09ab44e2b&site=435186&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/v/tv.ua.1289914.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 722374e67be28880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
BLOB 206
Partial Content 80a0167f-8fb1-4753-b8a8-9d5845e89f79
https://tv.ua/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tv.ua/80a0167f-8fb1-4753-b8a8-9d5845e89f79
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 CxcfTRQC
pbs.twimg.com/card_img/1540265303724232704/ Frame BB16 10 KB
10 KB 41ms
32ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1540265303724232704/CxcfTRQC?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/631B) /

Resource Hash

59dd5dd2d3c4a48016edc82eecb4b890816c91da336786e69691eb0a1f5e97ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 324886
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 9760
x-response-time: 157
surrogate-key: card_img card_img/bucket/0 card_img/1540265303724232704
last-modified: Fri, 24 Jun 2022 09:25:19 GMT
server: ECS (lhb/631B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 22ac6b1d4796d9d5cb3b8c6bf0bacfaecb31b68af726467109d37aad5e340e55
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 4QgyUT0P
pbs.twimg.com/card_img/1539212006145892353/ Frame BB16 6 KB
6 KB 50ms
41ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539212006145892353/4QgyUT0P?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/631F) /

Resource Hash

2e2a9d934a7d64ccc7138094617817770a358befc85a02b83334559c59701175

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 576067
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 5761
x-response-time: 152
surrogate-key: card_img card_img/bucket/3 card_img/1539212006145892353
last-modified: Tue, 21 Jun 2022 11:39:54 GMT
server: ECS (lhb/631F)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 16f671f55eacd92d6027d0dd6bcd4196a4bbfce9a416f81bbcac7e0e126331f0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 eGfeesVH
pbs.twimg.com/card_img/1541429884332826625/ Frame BB16 6 KB
6 KB 62ms
53ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1541429884332826625/eGfeesVH?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/633B) /

Resource Hash

5f1d9f982b3f876888c1e50489efff6acc8622eb88dc2b3342dabd15a4d525b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 47355
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=4
content-length: 6157
x-response-time: 178
surrogate-key: card_img card_img/bucket/7 card_img/1541429884332826625
last-modified: Mon, 27 Jun 2022 14:32:57 GMT
server: ECS (lhb/633B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f55144dfd97dc9484b4e79300585e3c8eb11d4fd9a7f79ac839f99531c657d75
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 UjuWmcWL
pbs.twimg.com/card_img/1541425031347150849/ Frame BB16 4 KB
4 KB 36ms
27ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1541425031347150849/UjuWmcWL?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6321) /

Resource Hash

9df5e20f1796dc1825ad4b7014d27d72bf4bb20605670c9db6d07ba26f059462

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 48480
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 4036
x-response-time: 171
surrogate-key: card_img card_img/bucket/7 card_img/1541425031347150849
last-modified: Mon, 27 Jun 2022 14:13:40 GMT
server: ECS (lhb/6321)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 61e9974ec284ec1d5ae4965116e3714321b49ea8c328f8a532a9ceb26ace791c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 KsKUQa40
pbs.twimg.com/card_img/1540670181067726850/ Frame BB16 8 KB
9 KB 38ms
29ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1540670181067726850/KsKUQa40?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/63FE) /

Resource Hash

fc1124a18ca4e0f3aa1ff6350185799335ac96302a37f2ab8181a56f0ad4b34a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 227974
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 8587
x-response-time: 151
surrogate-key: card_img card_img/bucket/2 card_img/1540670181067726850
last-modified: Sat, 25 Jun 2022 12:14:10 GMT
server: ECS (lhb/63FE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b9849556f8776248bd29bfc8acc685c5ed32e11f3ba069b65411ea2d05b4a5ce
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Msp_9wO-
pbs.twimg.com/card_img/1540308040733208576/ Frame BB16 4 KB
5 KB 49ms
40ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1540308040733208576/Msp_9wO-?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/63D9) /

Resource Hash

2c1c811ddb9ac55839ea354b5adae2474b08d36ea3e7d07eb07645b419298083

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 314651
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 4531
x-response-time: 162
surrogate-key: card_img card_img/bucket/0 card_img/1540308040733208576
last-modified: Fri, 24 Jun 2022 12:15:09 GMT
server: ECS (lhb/63D9)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: acddcb600a04d151502c296e14c6fe86483e23d026f5336b49d9b1621454d741
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 a-o2F4Ny
pbs.twimg.com/card_img/1539723919694827521/ Frame BB16 6 KB
7 KB 29ms
27ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539723919694827521/a-o2F4Ny?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6331) /

Resource Hash

03cd9c161d2378b07e714138cc81ecd6e3de4746edf1f1fb15d9612b991f6158

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 454089
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 6518
x-response-time: 181
surrogate-key: card_img card_img/bucket/1 card_img/1539723919694827521
last-modified: Wed, 22 Jun 2022 21:34:03 GMT
server: ECS (lhb/6331)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 13edc6715aa4608a5a89770bb0c9af52188c586c0548c8daee6c336854197f96
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 B6UwW_z5
pbs.twimg.com/card_img/1539712442804191235/ Frame BB16 6 KB
6 KB 30ms
28ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539712442804191235/B6UwW_z5?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/63BB) /

Resource Hash

552f8b86297ac745919b009b3bde45bc824bd9bfbe5f417debffdd6cff62daae

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 456962
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 6194
x-response-time: 183
surrogate-key: card_img card_img/bucket/9 card_img/1539712442804191235
last-modified: Wed, 22 Jun 2022 20:48:27 GMT
server: ECS (lhb/63BB)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d8c508a2b698153f54611ff4969d662fbabbe70fe1157700c4714e814b85ec0c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 zekdHVha
pbs.twimg.com/card_img/1524472987688263680/ Frame BB16 16 KB
17 KB 31ms
29ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1524472987688263680/zekdHVha?format=jpg&name=280x280

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/630D) /

Resource Hash

d280faa2a0949ed5429eabb9aa6b6656539409e694faf55837c2910320545c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 371704
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 16844
x-response-time: 235
surrogate-key: card_img card_img/bucket/2 card_img/1524472987688263680
last-modified: Wed, 11 May 2022 19:32:18 GMT
server: ECS (lhb/630D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f0b2d202b712e4c2cd7c2cb5b94e184da88d8792cae5a804f3eea45ee044839d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 sB0ucNlh
pbs.twimg.com/card_img/1539679871160291328/ Frame BB16 8 KB
8 KB 33ms
32ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539679871160291328/sB0ucNlh?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6359) /

Resource Hash

531f326991acd6623c3723a483df598f34220f6c0663597a0bf17d165d96a5c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 464774
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=4
content-length: 7714
x-response-time: 164
surrogate-key: card_img card_img/bucket/4 card_img/1539679871160291328
last-modified: Wed, 22 Jun 2022 18:39:01 GMT
server: ECS (lhb/6359)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 925de543080b40e1ccf2fe58ed12c14d979ce992f3895c590801b3cb325b2eec
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 YChc3jfK
pbs.twimg.com/card_img/1539664165555544065/ Frame BB16 6 KB
6 KB 32ms
31ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539664165555544065/YChc3jfK?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/62B5) /

Resource Hash

6132cc603b154e4d9daa14fceb867eb8d18bee4924a070afa42a707e53f10dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 468564
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 6217
x-response-time: 160
surrogate-key: card_img card_img/bucket/5 card_img/1539664165555544065
last-modified: Wed, 22 Jun 2022 17:36:37 GMT
server: ECS (lhb/62B5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 22dd843acc6f0a08f06f76ba6c9ec61545d4d52519f11e6ee9149d9b1aa4a0e2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 4vVAePHt
pbs.twimg.com/card_img/1539653400505323520/ Frame BB16 5 KB
5 KB 27ms
26ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539653400505323520/4vVAePHt?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/628A) /

Resource Hash

37fd2774fb7340c6a1b87f3c8cac5611196d4d440f40fc3f60422bb2464b3996

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 471019
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 5027
x-response-time: 161
surrogate-key: card_img card_img/bucket/3 card_img/1539653400505323520
last-modified: Wed, 22 Jun 2022 16:53:50 GMT
server: ECS (lhb/628A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 676cf8ba63f97dc743d6a7dbf0e86122b1e015315a7cb602ec2251eb23211ec8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Hvbj0036
pbs.twimg.com/card_img/1539644282797232133/ Frame BB16 7 KB
8 KB 28ms
26ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539644282797232133/Hvbj0036?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6382) /

Resource Hash

6085ba747e65c083b5ae56ffe1b0b25d654dcc46a1911105d27baa58f86f778b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 473128
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 7622
x-response-time: 185
surrogate-key: card_img card_img/bucket/1 card_img/1539644282797232133
last-modified: Wed, 22 Jun 2022 16:17:36 GMT
server: ECS (lhb/6382)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6dd63af786b299a5c010e6c0b01f1bc7be8a0589997e39652026195fd9e53c2e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0rP7Ighj
pbs.twimg.com/card_img/1539642259062136833/ Frame BB16 4 KB
4 KB 28ms
27ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539642259062136833/0rP7Ighj?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6309) /

Resource Hash

644d87c0adc84234bde2272521e405b5234dd55bdb3fa55241e49b4a78eb955c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 473720
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 4391
x-response-time: 159
surrogate-key: card_img card_img/bucket/4 card_img/1539642259062136833
last-modified: Wed, 22 Jun 2022 16:09:34 GMT
server: ECS (lhb/6309)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9d4b12bd78c50faa935f4d9839f304050ec9554e970800db853aa5fb2de7b6ac
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5veSVk1c
pbs.twimg.com/card_img/1539645115467124738/ Frame BB16 7 KB
7 KB 30ms
28ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539645115467124738/5veSVk1c?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6343) /

Resource Hash

d67da6815efd26111dc58a60ce06e9aedcc9963425d64f02f302f0eb8b610ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 472749
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 7273
x-response-time: 173
surrogate-key: card_img card_img/bucket/0 card_img/1539645115467124738
last-modified: Wed, 22 Jun 2022 16:20:55 GMT
server: ECS (lhb/6343)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 97a2ca5e569f8da18968df0a549126553203a1355cf5572c59fd9205736386ff
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 OaMbc61I
pbs.twimg.com/card_img/1539645116045938688/ Frame BB16 5 KB
5 KB 33ms
32ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539645116045938688/OaMbc61I?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/635A) /

Resource Hash

18bc60855754fc8761d6952952ddf9f477465d8eb7f839716ec565a999fcf0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 473128
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 5075
x-response-time: 173
surrogate-key: card_img card_img/bucket/2 card_img/1539645116045938688
last-modified: Wed, 22 Jun 2022 16:20:55 GMT
server: ECS (lhb/635A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8c6aabd3c05e21c67adf515c7b85ee2ce32ea82449e274ec6ab8cfea7d09c0ae
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 9y11Wu8y
pbs.twimg.com/card_img/1539641779749789697/ Frame BB16 4 KB
4 KB 31ms
30ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539641779749789697/9y11Wu8y?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/63DD) /

Resource Hash

8e9c426d0c6209bf318903e1a8f5418202c1d3a4ed9b34e594347fbf51bb5374

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 473720
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 4201
x-response-time: 179
surrogate-key: card_img card_img/bucket/4 card_img/1539641779749789697
last-modified: Wed, 22 Jun 2022 16:07:40 GMT
server: ECS (lhb/63DD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4cfb3ebb5656174f60851ba0ad2547bb31947f583ef056e33d3ca54638d4c6d6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 qAlW29L-
pbs.twimg.com/card_img/1539642470576816128/ Frame BB16 6 KB
6 KB 32ms
28ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539642470576816128/qAlW29L-?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/62B5) /

Resource Hash

45948f2f92a60b9d0c6fb2811c4e65355a5090eb94278353fb334fc2600eacf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 473702
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=3
content-length: 5777
x-response-time: 173
surrogate-key: card_img card_img/bucket/7 card_img/1539642470576816128
last-modified: Wed, 22 Jun 2022 16:10:24 GMT
server: ECS (lhb/62B5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 036f25ee2e28e48c2031102c25592faf5a454ca072d815ae60d269c97ef9d35b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1RubiIEj
pbs.twimg.com/card_img/1539559994101600257/ Frame BB16 8 KB
8 KB 27ms
26ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539559994101600257/1RubiIEj?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/63A5) /

Resource Hash

b6fbcfecc8da40835162f3f6bc65aac295fd63220123be2cd365cda40f874844

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 493033
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 7769
x-response-time: 142
surrogate-key: card_img card_img/bucket/3 card_img/1539559994101600257
last-modified: Wed, 22 Jun 2022 10:42:40 GMT
server: ECS (lhb/63A5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0507950da5c770886e30c3fa5c94f3cb7ad03f039ad39193893f53b2772ae600
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 e0ZEpU7I
pbs.twimg.com/card_img/1539559666765729792/ Frame BB16 8 KB
8 KB 28ms
27ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539559666765729792/e0ZEpU7I?format=jpg&name=144x144_2

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/63DA) /

Resource Hash

db202af23f36457d934d89f536d7b1057866be2b8c961dd3c4c4b6141795020a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 493079
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 8394
x-response-time: 163
surrogate-key: card_img card_img/bucket/3 card_img/1539559666765729792
last-modified: Wed, 22 Jun 2022 10:41:22 GMT
server: ECS (lhb/63DA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4778085969192a2e5b8d7bbacf56db8db6c07f36cce512adcb28abfd7c7e15b5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame BB16 53 KB
12 KB 32ms
30ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/6381) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 03:50:09 GMT
Content-Encoding: gzip
Age: 291528
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Thu, 02 Jun 2022 18:01:30 GMT
Server: ECS (lhb/6381)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 26ms
25ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/6381) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 03:50:09 GMT
Content-Encoding: gzip
Age: 291528
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Thu, 02 Jun 2022 18:01:30 GMT
Server: ECS (lhb/6381)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 48ms
35ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 2271
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BQQZ016TJQM3CQAQ
x-amz-id-2: H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 722374e6fc638880-LHR
expires: Wed, 29 Jun 2022 03:50:09 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
814 B 49ms
37ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 2356
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BQQP2P0ZGAY0CMXJ
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 722374e6fc618880-LHR
expires: Wed, 29 Jun 2022 03:50:09 GMT

GET
H2 200 CxcfTRQC
pbs.twimg.com/card_img/1540265303724232704/ Frame BB16 10 KB
10 KB 31ms
30ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1540265303724232704/CxcfTRQC?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.13f717990483d255b26e9b9bece28839.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/635A) /

Resource Hash

59dd5dd2d3c4a48016edc82eecb4b890816c91da336786e69691eb0a1f5e97ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 324886
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 9760
x-response-time: 157
surrogate-key: card_img card_img/bucket/0 card_img/1540265303724232704
last-modified: Fri, 24 Jun 2022 09:25:19 GMT
server: ECS (lhb/635A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 22ac6b1d4796d9d5cb3b8c6bf0bacfaecb31b68af726467109d37aad5e340e55
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 4QgyUT0P
pbs.twimg.com/card_img/1539212006145892353/ Frame BB16 6 KB
6 KB 35ms
34ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1539212006145892353/4QgyUT0P?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.13f717990483d255b26e9b9bece28839.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6367) /

Resource Hash

2e2a9d934a7d64ccc7138094617817770a358befc85a02b83334559c59701175

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 576067
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ,edge;dur=8
content-length: 5761
x-response-time: 152
surrogate-key: card_img card_img/bucket/3 card_img/1539212006145892353
last-modified: Tue, 21 Jun 2022 11:39:54 GMT
server: ECS (lhb/6367)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 16f671f55eacd92d6027d0dd6bcd4196a4bbfce9a416f81bbcac7e0e126331f0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 eGfeesVH
pbs.twimg.com/card_img/1541429884332826625/ Frame BB16 6 KB
6 KB 34ms
33ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1541429884332826625/eGfeesVH?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.13f717990483d255b26e9b9bece28839.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/63A7) /

Resource Hash

5f1d9f982b3f876888c1e50489efff6acc8622eb88dc2b3342dabd15a4d525b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 47355
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ,edge;dur=8
content-length: 6157
x-response-time: 178
surrogate-key: card_img card_img/bucket/7 card_img/1541429884332826625
last-modified: Mon, 27 Jun 2022 14:32:57 GMT
server: ECS (lhb/63A7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f55144dfd97dc9484b4e79300585e3c8eb11d4fd9a7f79ac839f99531c657d75
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 UjuWmcWL
pbs.twimg.com/card_img/1541425031347150849/ Frame BB16 4 KB
4 KB 34ms
34ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1541425031347150849/UjuWmcWL?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.13f717990483d255b26e9b9bece28839.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/635D) /

Resource Hash

9df5e20f1796dc1825ad4b7014d27d72bf4bb20605670c9db6d07ba26f059462

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 48480
x-cache: MISS
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=10
content-length: 4036
x-response-time: 171
surrogate-key: card_img card_img/bucket/7 card_img/1541425031347150849
last-modified: Mon, 27 Jun 2022 14:13:40 GMT
server: ECS (lhb/635D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 61e9974ec284ec1d5ae4965116e3714321b49ea8c328f8a532a9ceb26ace791c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 KsKUQa40
pbs.twimg.com/card_img/1540670181067726850/ Frame BB16 8 KB
9 KB 30ms
26ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1540670181067726850/KsKUQa40?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.13f717990483d255b26e9b9bece28839.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6320) /

Resource Hash

fc1124a18ca4e0f3aa1ff6350185799335ac96302a37f2ab8181a56f0ad4b34a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 227974
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 8587
x-response-time: 151
surrogate-key: card_img card_img/bucket/2 card_img/1540670181067726850
last-modified: Sat, 25 Jun 2022 12:14:10 GMT
server: ECS (lhb/6320)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b9849556f8776248bd29bfc8acc685c5ed32e11f3ba069b65411ea2d05b4a5ce
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Msp_9wO-
pbs.twimg.com/card_img/1540308040733208576/ Frame BB16 4 KB
5 KB 37ms
33ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1540308040733208576/Msp_9wO-?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.13f717990483d255b26e9b9bece28839.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6367) /

Resource Hash

2c1c811ddb9ac55839ea354b5adae2474b08d36ea3e7d07eb07645b419298083

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 314651
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 4531
x-response-time: 162
surrogate-key: card_img card_img/bucket/0 card_img/1540308040733208576
last-modified: Fri, 24 Jun 2022 12:15:09 GMT
server: ECS (lhb/6367)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: acddcb600a04d151502c296e14c6fe86483e23d026f5336b49d9b1621454d741
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 YGz4uVvg_normal.jpg
pbs.twimg.com/profile_images/746007943569641472/ Frame BB16 2 KB
2 KB 32ms
31ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/746007943569641472/YGz4uVvg_normal.jpg

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6320) /

Resource Hash

7b468b638fd818f510fb110d04801b5b95c143d7175aa7638256638062ca9cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 423338
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2187
x-response-time: 111
surrogate-key: profile_images profile_images/bucket/4 profile_images/746007943569641472
last-modified: Thu, 23 Jun 2016 15:50:08 GMT
server: ECS (lhb/6320)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ef5f7e127420c2c78692d48d1c24899ed4aeed1ce17e93b5de1e81481f63dcb0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 jaam0u_T_normal.jpg
pbs.twimg.com/profile_images/1305900997080879104/ Frame BB16 2 KB
2 KB 28ms
27ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1305900997080879104/jaam0u_T_normal.jpg

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6382) /

Resource Hash

0c22c55d823214c3518c14a4e4ee7cec906d6a3584ac5041cf84b16be83b70a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
age: 258370
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2263
x-response-time: 110
surrogate-key: profile_images profile_images/bucket/6 profile_images/1305900997080879104
last-modified: Tue, 15 Sep 2020 16:05:14 GMT
server: ECS (lhb/6382)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a3cef571e66e2ad413568d84c795571600d8bcb677cbe1815ef70cea082485f8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame BB16 44 KB
7 KB 137ms
29ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lha/8D55) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404494
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (lha/8D55)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: c5c9a9e20c79ed898d1855eaa2bb36139641fe236911a42fb727e41d39291eaf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 05 Jul 2022 03:50:09 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 138ms
31ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lha/8D55) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404494
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (lha/8D55)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: c5c9a9e20c79ed898d1855eaa2bb36139641fe236911a42fb727e41d39291eaf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 05 Jul 2022 03:50:09 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1289914/ 1 KB
898 B 75ms
67ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1289914/1?pv=5&cbuster=1656388209832576410986&uniqId=0405d&lct=1655251200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=250&maxw_1=300&maxh_1=250&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Ftv.ua%2F&lu=https%3A%2F%2Ftv.ua%2F&sessionId=62ba7a72-0e587&pageView=1&pvid=181a86e4bf09ab44e2b&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/v/tv.ua.1289914.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5067c53a34897429ee54dcee353be00e717c4f3db9d5ba038dca016d51b24c4e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 722374e79cea8880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 container.html Show response
77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F15 6 KB
3 KB 131ms
37ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 03:50:09 GMT
expires: Wed, 28 Jun 2023 03:50:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 52ms
40ms Image
text/html 212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=Y3Nqb1JWdFU0OWljeWFhdktERWwxR2ZGbjVzelJkWDlNUWNUemYweWFRUXVwRjg0WDI2RlUxM2g4aWc1Rjl1UFp5aGFwYVJqYzBjbnpVMERlNmx1dGtic1U5dE4zenRUUUNMeEN6MDFKVGFCTFB6NWpnWEZqQndOMkRPRDhmbktWVlhBOGVRZG5OZ2YwRFdCTkJsTHFxdzlkNFVEYjltMCtBQXZ4Um5yK1NRcTZ6aUlBOG1sQ1RpajNLVlB4bFpvMWZacjV1S0U0cVZBcGhkNmlxTzBiVTdVd2JGK1BkTjRuamhLdXp4Nm9xK21UWVBwNjh2ZXJlSytZZllUUnczcWlKd2FFSWdrQjlBTTBLMTRyQ2ZxYUE9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Jun 2022 03:50:09 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 NUf31DeV05jg6rbNTwXiBfRLQ8hv8NSyvu4XMwxgjz4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FAE 36 KB
14 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NUf31DeV05jg6rbNTwXiBfRLQ8hv8NSyvu4XMwxgjz4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3547f7d43795d398e0eab6cd4f05e205f44b43c86ff0d4b2beee17330c608f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13897
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 19:46:08 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfOTYwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC9iNTNmNjZkN...
s-img.mgid.com/g/12578188/492x277/-/ 376 KB
377 KB 128ms
44ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12578188/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfOTYwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC9iNTNmNjZkNjU0YWFkZDRmMDVlODFjZTg4ZDNlYTFiNS5naWY.gif?v=1656388209-FpwYq4Q1tl0IyrUHf922O5WbnML4Y5-I2SPdZQFDwsU
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8141674e51cef636b2b0da34fe408ccad8171f027cd225cb31aa57b1d4c8bf0f

Request headers

Referer: https://tv.ua/
Origin: https://tv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
cf-cache-status: HIT
x-mg-request-uuid: 7ce6e5be-2859-4b0e-9619-677fba19f473
age: 3576963
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 385183
last-modified: Tue, 17 May 2022 18:08:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 722374e8aca0719e-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 i.js Show response
cm.mgid.com/ 0
125 B 138ms
116ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1656388209930191388034
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/v/tv.ua.1289914.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 722374e84d8d8880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame E6CB 0
38 B 121ms
120ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1656388209950227039205
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/v/tv.ua.1289914.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 722374e84d8f8880-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
380 B 135ms
134ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ftv.ua%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3Atvua2016%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1656388210118%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b45a03c79d4c1%3A1654150928467%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=0832615119b9044b3896f1a81df4121f687bad29

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Tue, 28 Jun 2022 03:50:10 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6ce1bbb1dfd60405e56e41dc256eba4014d7de683a1f139cf594439e1f379ee1
x-transaction: ac4d4e551bdb461e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8F15 0
0 70ms
69ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cc0xacXq6Ypu6I66z9u8Pk56-mAHK7o-1ZufP-LuMCsCNtwEQASAAYJkGggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQngAgCoAwGqBOMBT9Dc-DFvPs90yS9EKI2D9DplDFZ-6VuU1oYNIdXX_1Or71OKH5W5vk3vRQIx-UtQpDDJtyGmrsVaK-GOH48fUMPmiDKXWU_Y9Tqp2KsjvugX0YJ3tSq-FOlgmD0z8vx2MZVTPQFta3wwIxSO00WLc7Mw87kIIsrrSm4o1mAqCG9iOOdvXKPC4y42GtY5hL192bej4VX-ZycQhNinAWCS2YJe-5rbd_qMSbT2bnVk7E9hzxSUD_2zSMN2LLUJSWBH1uoyWnPEoAth3bYTdXbiBZD5aiRKUNo6Xpd1fDBmxsdMjjDgBAGABqCJh6uaqLDjRaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi00MzU0MzE3NDEwODMyODI2gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTgyNDEwNDk0OTc2MDg5OTcY8_EW&sigh=QnlAW1DFv9I&uach_m=[UACH]&cid=CAQSPACNIrLMJ3qungQABVothraDSdZGFXhHSUiGFYADtJVHPod7yAQZAxo1vda4ZYHULp99hj0eZlirce1DXRgB
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 doubleWin Show response
win.eskimi.com/ Frame 8F15 43 B
161 B 111ms
38ms Fetch
image/gif 130.211.27.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://win.eskimi.com/doubleWin?eid=2&w=EiEKFllycDZjUUFKd0lBSzFjNGFvQW9jZGcQAhj8l7nDmjAYBSCAquwtKIT8RDHLoUW28_2kP0F7FK5H4XqEP0jvy4OZAlD9tKUTWLb9B2DIyzdoAnDYnwJ40eB9gAEGmgEbQ0FFU0VPaXhFR0FLSzl3N1lzNng5SDFZV2w0ogEbQ0FFU0VPaXhFR0FLSzl3N1lzNng5SDFZV2w0qQFpcjEG1nGsP7IBEyACOglrb2Nhc2luYW5CAnRySAHCAR4IAhCE_EQY_bSlEyABKMAkMAU4CFjIyzdoA3ABeALKASA2YjlhMDAzOTNmYjE2MDdiMGFkYTEzNTIwZjgxNGFiNQ%3D%3D&esc=false&spent=Yrp6cQAI3RsH_ZmuAA-PE2ng-tDbjihnQEcShg
Requested by: Host: tv.ua
URL: https://tv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.27.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.27.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 style.css
dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/ Frame 8F15 3 KB
1 KB 133ms
35ms Stylesheet
text/css 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/style.css

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

BunnyCDN-DE-832 /

Resource Hash

fdc2d77f9f7a5cacbb24f5cfb642440a8def02b230f78005f2ec8008473380a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 832
access-control-allow-origin: *
cdn-cachedat: 06/27/2022 10:26:50
cdn-pullzone: 692289
server: BunnyCDN-DE-832
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Tue, 27 Jun 2023 10:26:50 GMT
last-modified: Wed, 22 Jun 2022 13:49:57 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62b31e05-ac4"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestid: e029fa293258c385944b756687058fea
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/js/ Frame 8F15 86 KB
33 KB 137ms
40ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/js/jquery.min.js

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

BunnyCDN-DE-832 /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 832
access-control-allow-origin: *
cdn-cachedat: 06/27/2022 10:26:51
cdn-pullzone: 692289
server: BunnyCDN-DE-832
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Tue, 27 Jun 2023 10:26:51 GMT
last-modified: Thu, 16 Apr 2020 09:37:38 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"5e982762-15857"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestid: 6c2ba9401fd906b54c473d67a2ff0ee3
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cap
dsp-trk.eskimi.com/ Frame 8F15 43 B
161 B 115ms
33ms Image
image/gif 34.120.139.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/cap?id=CAESEOixEGAKK9w7Ys6x9H1YWl4&dc=5&tz=%2B03:00&sgid=589358575&pid=40458877&cid=130742&crid=910792
Requested by: Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 1_7609562b31e07c08bf_2212294583.js Show response
dsp-media.eskimi.com/upload/js/ Frame 8F15 5 KB
3 KB 197ms
104ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/upload/js/1_7609562b31e07c08bf_2212294583.js?_=1655905799

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

BunnyCDN-DE-832 /

Resource Hash

92144714d4125696263e20ff8ff00af3b5bc86cbf54866b2764ab6be31d31b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 832
access-control-allow-origin: *
cdn-cachedat: 06/27/2022 10:26:51
cdn-pullzone: 692289
server: BunnyCDN-DE-832
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Tue, 27 Jun 2023 10:26:51 GMT
last-modified: Wed, 22 Jun 2022 13:49:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62b31e07-1480"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestid: 59a5c79ce8f088732d347980db01935b
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3

200

B28050068.339256661;dc_pre=CLrFjfeez_gCFUeTdwod1ssHDA;dc_trk_aid=531630523;dc_trk_cid=173905929;ord=1656388209;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$0;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimpj/N986228.3753118SOSYOLOGGER/ Frame 8F15
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N986228.3753118SOSYOLOGGER/B28050068.339256661;dc_trk_aid=531630523;dc_trk_cid=173905929;ord=1656388209;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
https://ad.doubleclick.net/ddm/trackimpj/N986228.3753118SOSYOLOGGER/B28050068.339256661;dc_pre=CLrFjfeez_gCFUeTdwod1ssHDA;dc_trk_aid=531630523;dc_trk_cid=173905929;ord=1656388209;dc_lat=;dc_rdid=;t...

14 KB
11 KB

142ms
67ms

Script
text/javascript

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N986228.3753118SOSYOLOGGER/B28050068.339256661;dc_pre=CLrFjfeez_gCFUeTdwod1ssHDA;dc_trk_aid=531630523;dc_trk_cid=173905929;ord=1656388209;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$0;gdpr_consent=;ltd=?

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

381df1e1f3724fbf936e890ac3abe2b98aa75c57d177624a055e218e590074e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10813
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N986228.3753118SOSYOLOGGER/B28050068.339256661;dc_pre=CLrFjfeez_gCFUeTdwod1ssHDA;dc_trk_aid=531630523;dc_trk_cid=173905929;ord=1656388209;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$0;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad-choice.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 8F15 3 KB
2 KB 194ms
103ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/ad-choice.min.js?_=2.1.0.5

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

BunnyCDN-DE-832 /

Resource Hash

cbf3c064cae2cf267d7cc01cd279cf1adadc1387c3e542b387ac60a8a07bee7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 832
access-control-allow-origin: *
cdn-cachedat: 03/12/2022 16:47:42
cdn-pullzone: 692289
server: BunnyCDN-DE-832
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sun, 12 Mar 2023 16:47:42 GMT
last-modified: Mon, 28 Feb 2022 12:27:33 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"621cbfb5-bfe"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestid: 92e8f867c749781ad1ca7d6eae6d34c8
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cellularTracking.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 8F15 803 B
1 KB 194ms
103ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/cellularTracking.min.js?v=1

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

BunnyCDN-DE-832 /

Resource Hash

33dc14e1be2ccee701bf1afe545c0602f2723e4bf29a824332bbf55486d38b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 832
access-control-allow-origin: *
cdn-cachedat: 03/12/2022 10:29:59
cdn-pullzone: 692289
server: BunnyCDN-DE-832
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sun, 12 Mar 2023 10:29:59 GMT
last-modified: Tue, 18 Aug 2020 12:41:28 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"5f3bcc78-323"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestid: af37fdf6baac543eb67ee533917ca7b8
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 utr
dsp-trk.eskimi.com/ Frame 8F15 43 B
99 B 111ms
35ms Image
image/gif 34.120.139.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/utr?coId=CAESEOixEGAKK9w7Ys6x9H1YWl4&e=2
Requested by: Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 8F15 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/window_focus_fy2019.js

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 03:47:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F15 138 KB
42 KB 825ms
824ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 03:50:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 8F15 17 KB
7 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7350
x-xss-protection: 0
server: cafe
etag: 4581267900612465077
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Jul 2022 21:44:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8F15 0
0 132ms
46ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlYwyOdAAoq-uQrOdIbsU0fPIO2GCEWrG0dkCDTYBnsf7SDU1z2_JlawKf-ePBVsBbGEWo28LkxNdAiesreMpFkPrsIw
Requested by: Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8F15 22 KB
7 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 11:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 27 Jun 2023 11:54:35 GMT

GET
H2 200 empty.png
dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/ Frame 8F15 100 B
546 B 35ms
35ms Image
image/png 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/empty.png
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 45e63149180a427e6a2111978cf28c55793cd493106f3717037e812b48f3f357

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
cdn-edgestorageid: 832
cdn-cachedat: 06/27/2022 10:26:51
cdn-pullzone: 692289
cdn-requestpullsuccess: True
content-length: 100
server: BunnyCDN-DE-832
last-modified: Thu, 16 Apr 2020 09:37:38 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "5e982762-64"
content-type: image/png
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 86b5e02d0ec43b1c876edd9b552a8cce
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
expires: Tue, 27 Jun 2023 10:26:51 GMT

GET
H2 200 closeBtn.png
dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/ Frame 8F15 648 B
1 KB 36ms
36ms Image
image/png 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/closeBtn.png
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: c580a279b5a0080ccb31014256e34d9759ed399c8970e95019995767e2fa6874

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
cdn-edgestorageid: 832
cdn-cachedat: 06/27/2022 10:26:51
cdn-pullzone: 692289
cdn-requestpullsuccess: True
content-length: 648
server: BunnyCDN-DE-832
last-modified: Thu, 16 Apr 2020 09:37:36 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "5e982760-288"
content-type: image/png
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: f8fe785b19752a82228a30584a5045aa
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
expires: Tue, 27 Jun 2023 10:26:51 GMT

GET
H2 200 pic1.jpg
dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/ Frame 8F15 102 KB
103 KB 43ms
42ms Image
image/jpeg 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/pic1.jpg

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

BunnyCDN-DE-832 /

Resource Hash

ea72133c08b7213f62b02520e441414a1f052e395b269fe54193e375a027c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 832
access-control-allow-origin: *
cdn-cachedat: 06/27/2022 10:26:51
cdn-pullzone: 692289
cdn-requestpullsuccess: True
content-length: 104925
server: BunnyCDN-DE-832
last-modified: Wed, 22 Jun 2022 13:32:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "62b319d8-199dd"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: cf01d04ac1dd26a120c472a5769b7abe
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
expires: Tue, 27 Jun 2023 10:26:51 GMT

GET
H2 200 pic2.jpg
dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/ Frame 8F15 102 KB
103 KB 66ms
65ms Image
image/jpeg 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/pic2.jpg

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

BunnyCDN-DE-832 /

Resource Hash

ea72133c08b7213f62b02520e441414a1f052e395b269fe54193e375a027c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 832
access-control-allow-origin: *
cdn-cachedat: 06/27/2022 10:26:51
cdn-pullzone: 692289
cdn-requestpullsuccess: True
content-length: 104925
server: BunnyCDN-DE-832
last-modified: Wed, 22 Jun 2022 13:32:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "62b319d8-199dd"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: ee99712a96daa63b78a1e7d96cc7396c
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
expires: Tue, 27 Jun 2023 10:26:51 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 47ms
47ms Image
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=e10cdb66-efd5-4166-8e00-60ccf065030c

Requested by

Host: tv.ua
URL: https://tv.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 28 Jun 2022 03:50:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8F15 41 KB
15 KB 44ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N986228.3753118SOSYOLOGGER/B28050068.339256661;dc_trk_aid=531630523;dc_trk_cid=173905929;ord=1656388209;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$0;gdpr_consent=;ltd=?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 11:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 11:54:28 GMT

GET
H2 200 adchoice_logo_15x15.png
dsp-media.eskimi.com/upload/wl/eskimi/ Frame 8F15 293 B
787 B 58ms
53ms Image
image/png 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsp-media.eskimi.com/upload/wl/eskimi/adchoice_logo_15x15.png?_=2.1.0.5

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

BunnyCDN-DE-832 /

Resource Hash

d7a8e13b65622c665aff7562e5e47af2ade5b08398a3fecfeedc4a84544d40ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 832
access-control-allow-origin: *
cdn-cachedat: 03/12/2022 14:37:37
cdn-pullzone: 692289
cdn-requestpullsuccess: True
content-length: 293
server: BunnyCDN-DE-832
last-modified: Thu, 14 Nov 2019 13:40:34 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "5dcd5952-125"
content-type: image/png
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cache-control: public, max-age=31536000
cdn-requestid: 2eeed4168799cdfe0c6559dd8257753e
accept-ranges: bytes
cdn-requestcountrycode: GB
cdn-status: 200
expires: Sun, 12 Mar 2023 14:37:37 GMT

GET
H3 200 col
dsp-trk.eskimi.com/ Frame 8F15 43 B
54 B 64ms
34ms Image
image/gif 34.120.139.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/col?u=CAESEOixEGAKK9w7Ys6x9H1YWl4&exid=mwpzySg1MM5JBcL43n11qEGXYbyXBkepsj1C6GjzbY0fox6VRqWwmJccUczNP6pL&exidtmp=1&ct=0&cntr=tr&ipl=96146688&op=0&conn=0&extid=2
Requested by: Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 utr.min.js Show response
cdn-europe.eskimi.com/ Frame 8F15 11 KB
5 KB 105ms
35ms Script
application/javascript 2606:4700:3036::ac43:9e01
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-europe.eskimi.com/utr.min.js?cId=130742&dmid=36824&trv=0&fla=1&locid=2060369&sId=589358575&src=utr&spt=CAIQhPxEGP20pRMgASjAJDAFOAhYyMs3aANwAXgC&pId=40458877&bId=1656388209660.2.Yrp6cQAJwIAK1c4aoAocdg&crId=910792&vv=0&prb=6&dtid=2&trve=0&audid=0&baId=ead-d24d3f2e64485edcdafe9245c8faea85&mr=0
Requested by: Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9e01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d54880119f0b820d2bcda604d93b516f4f9da8284d3215230b63ab6d1dd2528

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=0FsiuA==, md5=lQTGyOrtLJZ1qP8BJV6YJg==
date: Tue, 28 Jun 2022 03:50:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2374
x-guploader-uploadid: ADPycdt7OJCHbO5rXWAEEDe9Mo4I8LGQfF1OTrLj1yNxTyMtnLnmaDSEzC1fk0jdX_cBB6x6CYzkfj5ToyRDcmAhN0n9N5tNv7bw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 06:38:16 GMT
server: cloudflare
etag: W/"9504c6c8eaed2c9675a8ff01255e9826"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcZWbLaroAyI63dDDsaBfPZqwdKkKMoJdZFzkH7cRWN3qdj8NTstY3mvV1Qyyy95kNnvb2tFZuV9jqsml210Fnqw6f9O9hK0ZDHlwbzrVpbc3JU2CFdJ1kve%2F8VDFrhTyAoHm%2FEhVNlnWRXqb6OPqIvw1MQ%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
x-goog-generation: 1636439896715049
content-type: application/javascript
cache-control: public, max-age=86400
x-goog-stored-content-length: 11112
cf-ray: 722374ec6ced76b3-LHR
expires: Tue, 28 Jun 2022 03:11:39 GMT

GET
H2 200 gtr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ Frame 8F15 5 KB
3 KB 58ms
54ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

BunnyCDN-DE-832 /

Resource Hash

9815c5028421996acaf760f85539642ed35bfdb7e2ca0f4a5411530accfb4689

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 832
access-control-allow-origin: *
cdn-cachedat: 03/12/2022 17:41:25
cdn-pullzone: 692289
server: BunnyCDN-DE-832
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sun, 12 Mar 2023 17:41:25 GMT
last-modified: Mon, 28 Feb 2022 12:27:33 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"621cbfb5-12fb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestid: 5ebe9fafabcf9a6f63a7257b58fc113f
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8B98 1 KB
749 B 40ms
39ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 78986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 28 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DA12 22 KB
8 KB 38ms
37ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 47540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 14:37:50 GMT
expires: Tue, 27 Jun 2023 14:37:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B98
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEKuPcPT-QKPhjNDFpGBT-BY&google_cver=1&google_push=ARnp8GAvFRbPAfuggu27IMlM1BKszyXBUEA3DpHqcHBiLwXXp_h9lUZk4_aMMptQmuC5HWFfPjHhfpcShWEYaiWzP_Nb3Fy1JzOTQA
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzlGNjI4QjNEMDhFM0IxMw==

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzlGNjI4QjNEMDhFM0IxMw==

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzlGNjI4QjNEMDhFM0IxMw==
date: Tue, 28 Jun 2022 03:50:10 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET match
um.wbtrk.net/doubleclick/user/ Frame 8B98 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B98
Redirect Chain

https://px.adhigh.net/p/gm/rub?google_gid=CAESEDdTpZEKadMPeSoOXTYhw8c&google_cver=1&google_push=ARnp8GCaayB5SbOVyhf4lLGwayXIm2uR9x75X5WhTrCC-Rqcla2zAgM0TsCvyCoXBHQTv9VrI37Xj6BwWLWylMVAl70YGrwrsdW-yw
https://px.adhigh.net/p/gm/rub?google_gid=CAESEDdTpZEKadMPeSoOXTYhw8c&google_cver=1&google_push=ARnp8GCaayB5SbOVyhf4lLGwayXIm2uR9x75X5WhTrCC-Rqcla2zAgM0TsCvyCoXBHQTv9VrI37Xj6BwWLWylMVAl70YGrwrsdW-y...
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GCaayB5SbOVyhf4lLGwayXIm2uR9x75X5WhTrCC-Rqcla2zAgM0TsCvyCoXBHQTv9VrI37Xj6BwWLWylMVAl70YGrwrsdW-yw&google_hm=no6a5A9YCqoAAikABlGBq...

170 B
188 B

50ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GCaayB5SbOVyhf4lLGwayXIm2uR9x75X5WhTrCC-Rqcla2zAgM0TsCvyCoXBHQTv9VrI37Xj6BwWLWylMVAl70YGrwrsdW-yw&google_hm=no6a5A9YCqoAAikABlGBqG5QwQ%3D%3D

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:10 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f5-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GCaayB5SbOVyhf4lLGwayXIm2uR9x75X5WhTrCC-Rqcla2zAgM0TsCvyCoXBHQTv9VrI37Xj6BwWLWylMVAl70YGrwrsdW-yw&google_hm=no6a5A9YCqoAAikABlGBqG5QwQ%3D%3D
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B98
Redirect Chain

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEJ80XatDNBPsBg8A_TW94po&google_cver=1&google_push=ARnp8GBRsYYH5rmk_Iy-Y4J0cB3jFyzECTjTAnjMTdhYlWarQVfsp--KPacdIhRCUaGJPhXHY2QPCl4rLzVeYdRnGjFt...
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=ARnp8GBRsYYH5rmk_Iy-Y4J0cB3jFyzECTjTAnjMTdhYlWarQVfsp--KPacdIhRCUaGJPhXHY2QPCl4rLzVeYdRnGjFt5rOSjJSZHw

170 B
188 B

122ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=ARnp8GBRsYYH5rmk_Iy-Y4J0cB3jFyzECTjTAnjMTdhYlWarQVfsp--KPacdIhRCUaGJPhXHY2QPCl4rLzVeYdRnGjFt5rOSjJSZHw

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 28 Jun 2022 03:50:10 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=ARnp8GBRsYYH5rmk_Iy-Y4J0cB3jFyzECTjTAnjMTdhYlWarQVfsp--KPacdIhRCUaGJPhXHY2QPCl4rLzVeYdRnGjFt5rOSjJSZHw
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B98
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESENjnheSEg4FNHcSuCpitLyU&google_cver=1&google_push=ARnp8GD-2XyILD12W5Pm4tPbl-qkm_Xb-S3xc8DpesXMapDwPS_OAL5EMFPY6hZMtFA3t1ycsao4GPo0xwozUouLC...
https://sm.rtb.mts.ru/match/second?ssp=13&google_push=ARnp8GD-2XyILD12W5Pm4tPbl-qkm_Xb-S3xc8DpesXMapDwPS_OAL5EMFPY6hZMtFA3t1ycsao4GPo0xwozUouLCYh7Xqy4RYL3NzE&exu=CAESENjnheSEg4FNHcSuCpitLyU
https://tech.rtb.mts.ru/?dsp_uid=503868ae-7b0a-4109-8c2d-b25bf319f539&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D503868ae-7b0a-4109-8c2d-b25bf319f539%2...
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=503868ae-7b0a-4109-8c2d-b25bf319f539&google_push=ARnp8GD-2XyILD12W5Pm4tPbl-qkm_Xb-S3xc8DpesXMapDwPS_OAL5EMFPY6hZMtFA3t1ycsao4GPo0xwozUo...

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=503868ae-7b0a-4109-8c2d-b25bf319f539&google_push=ARnp8GD-2XyILD12W5Pm4tPbl-qkm_Xb-S3xc8DpesXMapDwPS_OAL5EMFPY6hZMtFA3t1ycsao4GPo0xwozUouLCYh7Xqy4RYL3NzE

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 28 Jun 2022 03:50:11 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=503868ae-7b0a-4109-8c2d-b25bf319f539&google_push=ARnp8GD-2XyILD12W5Pm4tPbl-qkm_Xb-S3xc8DpesXMapDwPS_OAL5EMFPY6hZMtFA3t1ycsao4GPo0xwozUouLCYh7Xqy4RYL3NzE
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B98
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESELzhZQXsRmmKcsnntyQxItg&google_cver=1&google_push=ARnp8GCkzkZR-5XeZaowcebtP-lawD8MKXrRvFyQn-LbanskEXTslq8-b3IVPtrTkMCYkxVE2qTqwtqUYBKH7rRZJk407nhjC70dRg
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DARnp8GCkzkZR-5XeZaowcebtP-lawD8MKXrRvFyQn-LbanskEXTslq8-b3IVPtrTkMCY...
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=
https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOunYPL4QBgC1WGRqqIeaJLD4B5XcKjMRAlbx-CA&google_push=ARnp8GCkzkZR-5XeZaowcebtP-lawD8MKXrRvFyQn-LbanskEXTslq8-b3IVPtrTkMCYkxVE2qTqwtqUYBKH7rRZJk40...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=ypjQC5hI4RuIWB_l9qbO&google_push=ARnp8GCkzkZR-5XeZaowcebtP-lawD8MKXrRvFyQn-LbanskEXTslq8-b3IVPtrTkMCYkxVE2qTqwtqUYBKH7rRZJk407n...

170 B
188 B

49ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=ypjQC5hI4RuIWB_l9qbO&google_push=ARnp8GCkzkZR-5XeZaowcebtP-lawD8MKXrRvFyQn-LbanskEXTslq8-b3IVPtrTkMCYkxVE2qTqwtqUYBKH7rRZJk407nhjC70dRg

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
date: Tue, 28 Jun 2022 03:50:11 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_new_eb&google_hm=ypjQC5hI4RuIWB_l9qbO&google_push=ARnp8GCkzkZR-5XeZaowcebtP-lawD8MKXrRvFyQn-LbanskEXTslq8-b3IVPtrTkMCYkxVE2qTqwtqUYBKH7rRZJk407nhjC70dRg
x-xss-protection: 0
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept
content-length: 227
x-content-type-options: nosniff

GET
H/1.1

404
Not Found

/
b1sync.zemanta.com/usersync/ Frame 8B98
Redirect Chain

https://b1sync.zemanta.com/usersync?google_gid=CAESEEG0bI1Z6W3Q_4ySOVZA3BI&google_cver=1&google_push=ARnp8GBPCECQqMFIrM3QDzcHPAclOVz8AZDxOahmFF9IVV-i0_9jRnesVJIpQn0FssVf9rwwdv-mJthOh7QbRe4SXJQhOKcH...
https://b1sync.zemanta.com/usersync/?google_gid=CAESEEG0bI1Z6W3Q_4ySOVZA3BI&google_cver=1&google_push=ARnp8GBPCECQqMFIrM3QDzcHPAclOVz8AZDxOahmFF9IVV-i0_9jRnesVJIpQn0FssVf9rwwdv-mJthOh7QbRe4SXJQhOKc...

0
0

112ms
110ms

Image
text/plain

50.31.142.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/?google_gid=CAESEEG0bI1Z6W3Q_4ySOVZA3BI&google_cver=1&google_push=ARnp8GBPCECQqMFIrM3QDzcHPAclOVz8AZDxOahmFF9IVV-i0_9jRnesVJIpQn0FssVf9rwwdv-mJthOh7QbRe4SXJQhOKcH6pHe8g
Requested by: Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 50.31.142.31 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Location: http://b1sync.zemanta.com/usersync/?google_gid=CAESEEG0bI1Z6W3Q_4ySOVZA3BI&google_cver=1&google_push=ARnp8GBPCECQqMFIrM3QDzcHPAclOVz8AZDxOahmFF9IVV-i0_9jRnesVJIpQn0FssVf9rwwdv-mJthOh7QbRe4SXJQhOKcH6pHe8g
Date: Tue, 28 Jun 2022 03:50:11 GMT
Content-Length: 169
Content-Type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8B98 0
232 B 131ms
45ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IznnAcyf48Fx9zJ3NvPb8NVdksZ1pNC84QdkmIjXkbaD_OI8c2yofXNTbxNmOWRa4dvwd0Q8lh

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 gtr Show response
dsp-ap.eskimi.com/v2/ Frame 8F15 13 B
514 B 96ms
32ms XHR
application/json 35.186.201.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-ap.eskimi.com/v2/gtr?&t=1656388210647
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.201.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
date: Tue, 28 Jun 2022 03:50:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

GET
H3 200 trv
dsp-trk.eskimi.com/ Frame 8F15 43 B
54 B 32ms
32ms Image
image/gif 34.120.139.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/trv?coId=&bId=1656388209660.2.Yrp6cQAJwIAK1c4aoAocdg&cId=130742&crId=910792&sId=589358575&pId=40458877&trve=0&trv=0&trvv=v2&dvt=&dvm=&locid=2060369&audid=0&prb=6&src=utr&spt=CAIQhPxEGP20pRMgASjAJDAFOAhYyMs3aANwAXgC&_=1656388210651
Requested by: Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 trv
dsp-trk.eskimi.com/ Frame 8F15 43 B
54 B 33ms
33ms Image
image/gif 34.120.139.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/trv?coId=&bId=1656388209660.2.Yrp6cQAJwIAK1c4aoAocdg&cId=130742&crId=910792&sId=589358575&pId=40458877&trve=1&trv=0&trvv=v2&dvt=&dvm=&locid=2060369&audid=0&prb=6&src=utr&spt=CAIQhPxEGP20pRMgASjAJDAFOAhYyMs3aANwAXgC&_=1656388210651
Requested by: Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 trv
dsp-trk.eskimi.com/ Frame 8F15 43 B
54 B 33ms
33ms Image
image/gif 34.120.139.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/trv?coId=&bId=1656388209660.2.Yrp6cQAJwIAK1c4aoAocdg&cId=130742&crId=910792&sId=589358575&pId=40458877&trve=1&trv=1&trvv=v2&dvt=&dvm=&locid=2060369&audid=0&prb=6&src=utr&spt=CAIQhPxEGP20pRMgASjAJDAFOAhYyMs3aANwAXgC&_=1656388210659
Requested by: Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js Show response
pagead2.googlesyndication.com/bg/ Frame DA12 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9271965a8eda49ad2e1e8bdc7eb80ea846f0b7cd5b986b29f4ee38a8b88a3949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13854
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 19:27:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA12 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BujNzcnq6Yoi0HdfO7_UPubOz-AEAAAAAOAHgBAI&bg=!lpWlldHNAAa8IIBmnCA7ACkAdvg8WoTuyvA5RUWDGeUjeJQU5_XKFw_jWGXYdJvd84yNWrnBROj90wIAAABqUgAAAAJoAQcKAAZ4N9sO5EeZAt1BbpfFlRrokyEC0_3i4lAr4yLJ5WsUiDuEEjyR9Ya2wWPPzvQzbfsCH1TWwCKeEjEPr8GofnESCdutn_sa0wrNfoZchh50I-l3b-3l9wlK1P22TfcWLKVrrFJCeYqbhDvNj7D5qdeqUeXCP7YG37-TFogzmvQ5T-b903R0hIePbZimSPdv3Hp7Nw_h0L6Mz_zyL3HxA6eqgcumoKKim3yYR4sA9GfvXDy1EtWDwNNylNWXxitf6ekSZ6bXx3wfB_Lwpxh3G2aAlsre6zaJWTVG0tCKOOYirHTwuj2yEYEBi1bu3oikYXDTHiRBLDK25BGHVB1xdFLo7iv8dKsdXAoNAiIrRXM-wJdGoOnts7DqTT6OTbJdCRbOmoOkmvyG5OYhXsFMo8yPTqNqZEaVK-HB6LitGoHPUNgMkVAFfth104wFgpfKj-yDYH05Wdtwl5c_fKRl0wj8E56sfpEUefHqrcOVELWDyc1fFoJ-02TfJ6orxnMbt3wlhVrhi1Ib6haFcwXchzI6OtnHnAp8BKCN9WwskVlzto3EEUMx4XL3gYkYoErvGDU5OwD9AU7YC74D5xUun8uN2iUPUIhltzzQq85R-ry1fVvHOM_K6tTh-T-4iaDpRG0IHvyyQwphFRhxXd5LgZiAwHxpMatHWk3u-HyIx955dx4ag1ejka-EWQQMYPDrwdiM7H1_c05eFZU0WeWflKi6ER680KIw6FYqSl9ZuXf4apJhU45lnvkG89wL7kjGM4PTk7j04RzMdwWLu90PS9zA2isspMScrcc5aGzVJkcT7G89u6s8MOL6ouIzrT2-yF-foTf7KYia_2ue4fuj5mujb7FgB3TTq-FKszyOBxJePKwv_Gme2t-LSDyTwf8kdqqBG7-AZK1jtwFercgjQhPJHWR04JYViuons2lVSXfmbW9NC7oFLrNtSa6BbamQ3zaMCZF97Jv7XU736RBybWhAhugNz8kY

Requested by

Host: 77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com
URL: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8D99 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvktRWyO6By-LHJG43NYnD2lMEyoA4FbmtXd-nRN13YrzV-yFRC_gqjigZLGX6-HM1VqBykrPUPef6R4jqz3k4mzAUi6bU11H9fLbSVv0oF7hUUVI7YcFXR3zQFTGC9ZirLNmT-hnOcvw&sai=AMfl-YR_u9vGzn_z4Z-w_Oo1Te0bqIudUNylnVa1YJmpFwG8hBsZZWdo3jY65IwkiCu9I0AjYNP7cRsYVTE0&sig=Cg0ArKJSzMFG8p3zqtx3EAE&id=lidar2&mcvt=1000&p=0,0,180,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=377072595&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656388208448&rpt=1434&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7F00 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38e3e5a00e2ac8ff98c37e61a6fe5c91106e5de0fdbd739da085a1638bc182dd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7F00 28 KB
28 KB 128ms
50ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 457997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 20:36:54 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7F00 14 KB
14 KB 122ms
45ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 20:44:46 GMT
x-content-type-options: nosniff
age: 457525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 20:44:46 GMT

GET
H3 200 NUf31DeV05jg6rbNTwXiBfRLQ8hv8NSyvu4XMwxgjz4.js Show response
pagead2.googlesyndication.com/bg/ Frame 71E1 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NUf31DeV05jg6rbNTwXiBfRLQ8hv8NSyvu4XMwxgjz4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3547f7d43795d398e0eab6cd4f05e205f44b43c86ff0d4b2beee17330c608f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13897
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 19:46:08 GMT

GET
DATA 200
OK truncated
/ Frame 8F15 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0a38fa362dd107cb7258e6b2c8747f0926baa2502affd0b31db8a628735d2db

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET ads
googleads.g.doubleclick.net/pagead/ Frame D115 0
0

GET page.php
www.facebook.com/v3.2/plugins/ Frame 21AA 0
0

GET /
exchange.informer.ua/informer/stat/ Frame C8B0 0
0

GET iframe.htm
go.rcvlink.com/static/ Frame FB0C 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 50ms
50ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220623&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d6e4ca18020c29664202a7742b712cd4f796b925688e76d74bdd4b91eb5e45a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 03:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10757
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 03:50:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5288 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 20537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 22:07:54 GMT
expires: Tue, 27 Jun 2023 22:07:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2636 783 B
536 B 47ms
46ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b352857ea899d23cf0f8ec440dae30435069a9c5688703408677b8681c22668f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Oy5BxRe4XAuUylwpV874vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Oy5BxRe4XAuUylwpV874vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 03:50:11 GMT
expires: Tue, 28 Jun 2022 03:50:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 NUf31DeV05jg6rbNTwXiBfRLQ8hv8NSyvu4XMwxgjz4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5288 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NUf31DeV05jg6rbNTwXiBfRLQ8hv8NSyvu4XMwxgjz4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3547f7d43795d398e0eab6cd4f05e205f44b43c86ff0d4b2beee17330c608f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13897
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 19:46:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2636 0
0 90ms
90ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220623&jk=2416610305812654&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5288 0
9 B 37ms
37ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oEGmSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 03:50:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
93ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220623&jk=2416610305812654&bg=!uLulu__NAAa8IIBmnCA7ACkAdvg8Wlb30v_q7vN7_W8LKqCePc89LppdCHQh4uBn360Xo_gBVnRUAAIAAABiUgAAAAJoAQcKAKW4UZoKxijJJ74jaoyQkgFYsR9Db6a_UXIksZMG0mmsBE4cFsLHseFEbADcbihCAXkIv1rrt1o-aIvglxy7-IV8ccXSnEtZjlgg5yFSt7A8dQcE_vpLPvDbfrFbX5EYXdf0PMY1Q8FKbWXljWLCNSVUumw4EItip-Rd2gonZjB7VQ4fLIQLsweO90CCP7d6CIXVtskqsODs1myW94BJrUd4F6jQi9mZAoXzqqHm1wX3dbJ9_TFexuPPUAttza_5cz0149QICQjI39STyjRBXL1zwWmSjufKA1t4UXb-oRtoqxWTPW1EfLNdDAj-qHwi3bO5RsLA5M2r0BmkeCXyUpYdj8jEcxCHZHu4H6q7gSzimuEjsTBQoU-H29tA8vUvODArBQxsEHK4z_X9H_v3tZLMu89q8K98SEw-BOLUAkL84IVWo37dtuhL_BwuH9buy8lmnP3Gl5I-U5DsTaEVKHjzaV8CWigDq8neauh5w0kD_LzwAskAzddZ3suLLNj_xjct-ypA29XyUhm3-maeNgIk31EKRF7iPuRokgmOhGcXq1w9fd0WgictjHUXossw5cLyUqblswqKP9VwqDj8LeuZkSeaxAbkrFtTlL6YjII9VuQYU-5N8pipja7VN6M20fH46YNqNU9oAXaBHM_hF4-0Dny7eFjrGwdsPuHbrnZ8CbPVTbBbZEoSfuOr_xcD24sE2mXRz2M3h2PG2UOhEmB0h6p0QJSQP8B4eQtjpxYK72sRtHP6nlxVxW3iqPu_qB3Qi-KGHOG0VRl_AI4yGF1UytDj55yHDTGZCNie5g4ZM43yxFyChgXDtKHwTpBM-7PUrg6j_gMOp3QUpThhSqL99gZOC2okO-dn3twEa-go5QRCvo35oLAMy293FAMxazpCqPQlXhL89VKQZ0QZRU5HQqMTH7XpcUR12aEeN-GJU-zgOv5YonE9-ymvXgv2CU_ilPTHiWIrOKnknQ7RbvDUoUVBqNWhH8L68zZbBsxnooMqACjcOrpCKCZep-5ZR7bYzh-wF-H4zVA9tZfk_jo3W1BTm20Nv0G5pT7vmsSz58tK5_VkCRKjv5JNX5Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7F00 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoii8Nt_NzynpSPOkyo70JhYTAPmjNR4Iqq8ixm6f6dF5I0VmFDYFbvK7WSjYT0Lpk5F9WrIA16MVCKD5EOk3GitxPsejmXUoBlEKetawSQN1piRxta3_njh_UyEmMVaIGY8U&sai=AMfl-YSwruco-Elm8vnPzTugOPzcvFpqde4hDJgL5KBrByMqi-ujoLCXEs-dGU0XiuE5J7PfemcvFasIkgC1&sig=Cg0ArKJSzGEUjeoJGg7CEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=22&adk=815747106&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656388208358&rpt=2758&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8F15 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2z6ddgDzh_ezkBZIUULftv9vV4tJmeR2Y_Qqdz1Kh5hUGx0bl0EPoFZc-jXGOPaGu6rNtbC5R5V2X1HiuOM5xeFET&sig=Cg0ArKJSzOL_abpce6V8EAE&cid=CAASFeRoo614NBrLiyL51dJPPoX-lHfStg&id=lidar2&mcvt=1003&p=950,0,1200,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1581253903&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656388209847&rpt=1286&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://77dae52d6da2fdc13177ce2b7f9c80ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 03:50:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pic3.jpg
dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/ Frame 8F15 102 KB
103 KB 37ms
36ms Image
image/jpeg 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsp-media.eskimi.com/upload/rm/upload/1655905797/floating_300x250/images/pic3.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS