legas.com.ua Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://legas.com.ua/
Effective URL:
https://legas.com.ua/
Submission: On March 16 via api (March 16th 2022, 7:06:05 am UTC) from GB — Scanned from GB

Summary HTTP 156 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 32 domains to perform 156 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is legas.com.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 24th 2022. Valid for: a year.

This is the only time legas.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10 20	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.94.156.135 45.94.156.135	56851 (VPS-UA-AS) (VPS-UA-AS)
1	49.12.116.255 49.12.116.255	24940 (HETZNER-AS) (HETZNER-AS)
15	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::130 2a02:6b8::130	208722 (YNDX) (YNDX)
1	2606:4700:303... 2606:4700:3033::6815:2c6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2a00:1450:400... 2a00:1450:400e:80d::200e	15169 (GOOGLE) (GOOGLE)
1 1	192.102.6.73 192.102.6.73	57682 (HVDS-AS) (HVDS-AS)
1 1	142.132.202.70 142.132.202.70	24940 (HETZNER-AS) (HETZNER-AS)
1 1	176.9.60.211 176.9.60.211	24940 (HETZNER-AS) (HETZNER-AS)
1 1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.117.203.148 104.117.203.148	16625 (AKAMAI-AS) (AKAMAI-AS)
1	91.198.36.16 91.198.36.16	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
3	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::14 2a02:6b8::14	208722 (YNDX) (YNDX)
20	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
156	32

20 2a06:98c1:3120::7 (United States) 10 redirects

ASN13335 (CLOUDFLARENET, US)

legas.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.94.156.135 (Ukraine)

ASN56851 (VPS-UA-AS, UA)
PTR: 135.156.94.45.uashared18.twinservers.net

caddy.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.116.255 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.255.116.12.49.clients.your-server.de

www.meteoprog.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::130 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

info.maps.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:2c6c (United States)

ASN13335 (CLOUDFLARENET, US)

cpa.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400e:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.102.6.73 (Kyiv, Ukraine) 1 redirects

ASN57682 (HVDS-AS, UA)
PTR: s1.zevshost.net

040510111616.c.mystat-in.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.132.202.70 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.70.202.132.142.clients.your-server.de

webcache.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.60.211 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.60.9.176.clients.your-server.de

pubmedya.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.203.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-203-148.deploy.static.akamaitechnologies.com

www.tesco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::14 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

clck.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	480 KB
21	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 pix.eu.criteo.net — Cisco Umbrella Rank: 7328 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	91 KB
21	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 310	190 KB
20	legas.com.ua 10 redirects legas.com.ua	159 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	40 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	136 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12341 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9430	88 KB
6	gstatic.com www.gstatic.com	25 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	143 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5368	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	10 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	82 KB
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 635	10 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	11 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	645 B
1	yandex.ru clck.yandex.ru — Cisco Umbrella Rank: 37225	429 B
1	i.ua r.i.ua — Cisco Umbrella Rank: 143126	2 KB
1	tesco.com www.tesco.com — Cisco Umbrella Rank: 45508
1	zenaps.com 1 redirects www.zenaps.com — Cisco Umbrella Rank: 18649	901 B
1	pubmedya.net 1 redirects pubmedya.net — Cisco Umbrella Rank: 276737	769 B
1	pp.ua 1 redirects webcache.pp.ua — Cisco Umbrella Rank: 356071	348 B
1	mystat-in.net 1 redirects 040510111616.c.mystat-in.net	314 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	47 KB
1	cpa.com.ua cpa.com.ua
1	yandex.net info.maps.yandex.net
1	meteoprog.ua www.meteoprog.ua	171 B
1	caddy.com.ua caddy.com.ua
0	novostimira.biz Failed g.novostimira.biz Failed
0	bigmir.net Failed c.bigmir.net Failed
0	admaster.net Failed a1.admaster.net Failed
156	32

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	legas.com.ua	10 redirects legas.com.ua
16	static.criteo.net	ads.eu.criteo.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	pagead2.googlesyndication.com	legas.com.ua pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	www.google-analytics.com	legas.com.ua www.google-analytics.com www.googletagmanager.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	static.doubleclick.net	googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.uk	pagead2.googlesyndication.com
3	stats.g.doubleclick.net	www.google-analytics.com
2	pix.eu.criteo.net	ads.eu.criteo.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	connect.facebook.net	legas.com.ua connect.facebook.net
1	static.xx.fbcdn.net	www.facebook.com
1	www.facebook.com	connect.facebook.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	clck.yandex.ru	legas.com.ua
1	r.i.ua	legas.com.ua
1	www.tesco.com	legas.com.ua
1	www.zenaps.com	1 redirects
1	pubmedya.net	1 redirects
1	webcache.pp.ua	1 redirects
1	040510111616.c.mystat-in.net	1 redirects
1	www.googletagmanager.com	legas.com.ua
1	cpa.com.ua	legas.com.ua
1	info.maps.yandex.net	legas.com.ua
1	www.meteoprog.ua	legas.com.ua
1	caddy.com.ua	legas.com.ua
0	g.novostimira.biz Failed	legas.com.ua
0	c.bigmir.net Failed	legas.com.ua
0	a1.admaster.net Failed	legas.com.ua
156	40

This site contains links to these domains. Also see Links.

Domain
caddy.com.ua
salutes.com.ua
forum.legas.com.ua
www.meteoprog.ua
mytop-in.net
www.i.ua
banner.kiev.ua
www.novostimira.com.ua
clck.yandex.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-24` - `2023-02-24`	a year	crt.sh
caddy.com.ua R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh
meteoprog.ua R3	`2022-03-12` - `2022-06-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
core-jams-info.maps.yandex.net Yandex CA	`2022-01-21` - `2022-07-12`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-23` - `2022-03-23`	3 months	crt.sh
i.ua R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
clck.yandex.ru Yandex CA	`2021-12-02` - `2022-05-06`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://legas.com.ua/
Frame ID: 5261401943F79EAC07C1BA5D09357843
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html
Frame ID: 30D0283F1A74EFCA14D1DC1AEE636EE6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230
Frame ID: 54E0B91B7A10D24DCBC1F213E7B63DCC
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1365725250&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359422&bpp=6&bdt=744&idt=235&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2642460384&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WVBJnTuZfg&p=https%3A//legas.com.ua&dtd=238
Frame ID: 27E43B8E268CFCE9A14980F984CED939
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=600&slotname=3398747635&adk=240658524&adf=1605720054&pi=t.ma~as.3398747635&w=160&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359446&bpp=11&bdt=768&idt=217&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2642460384%2C2642460384&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1179&ady=2285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CeNS72eKf6&p=https%3A//legas.com.ua&dtd=219
Frame ID: 9BF430679229F7D4A9C466591C00D476
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=250&slotname=8161031849&adk=4210853449&adf=3405296861&pi=t.ma~as.8161031849&w=300&lmt=1647414359&psa=0&format=300x250&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359473&bpp=2&bdt=796&idt=195&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2642460384%2C2642460384%2C3398747635&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=iu6y9bJk4H&p=https%3A//legas.com.ua&dtd=197
Frame ID: FE0F63058B2D5180507A766BE5B3CB01
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df69dba3ccb4788%26domain%3Dlegas.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flegas.com.ua%252Ff1b3003cba51c24%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Flegas.com.ua%2F&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&width=230
Frame ID: 006CCC0ADDE234D6CB0DD602403C0464
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGMVwAK6EcHg4GIAA2GZyrIw0mf-1YrxaLoxg&u=%7CeNmdseWml8HGtg8BeCGI3v5SgH%2Bmi7QkrOcpVrKseoE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrkioGQbjiX2UGuAuv14bEENvt7UL12F9G63fZnGxmyehet7rsSafFPjqPOGxiH_QGjycOizojiWsErpMD7UbKUOWJeZw5zUoGuIUawCvZaubaQ5uMIcaV0oiCks-v4jncq2ucO8tUTv8WSvZ7A86j0-ZoYhgDY4JnNJ7pwXseCekBrL8TA5hiy3oKd734Fvf_xvJjZaY0CF1V-BuqvTMqNY11SuKviXtbk4Ns0VOQQAp6S-YBQtg2vPvTdo2Nb-joxFOvYiJjySkaP_mpb6lJ3nMV_ALwQnkIQqV-58oazioXsJhxa6joOvObnx33CHFCbKSi4miZX4s0xxdfDTXUYwrjU7oyG_y-xH2ob-2bK0ig6rDCnWqzAMJhym7gbShkHWYoPbqOTC_Ly9iKQ_Qv983qJANOhHRj7Ghff3i5Jgr3ZqoglWCJoGMvaQ8LvqSS&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDliWV4wxYsfQK4iDjuwP54y2yALkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTg0MzE4MTMxMjE4MTI0OTGgAb3UiOsDyAEJqQL04B2-6OW1PqgDAaoE5QFP0LwWxDY55279YzSYNmha0IbXOYqMp7E2_5-Vj_hdkENVgyJg26PhXy_HFnEL2cNJR5Obkr2djtpgh_TEN4UUBfzPh9nI6onxOVK4e69dX70Ky3NH2WOrruDtHQgEs2iKOYl7_Lz4F4lWM-hTlBfTG2NobGs6ZKIGNjY4MkTcxbng9byHzWwr5u1OHijYbl_Xc-deC9FZEbDWAc0aRu4-WPN6VFTEi9-U3mwBpz3H01yHyrhH0dEIUCpUXPpw23TnLCwjs9-sTS_pAGj4jzd7Ue0wJwb_gHcNC-AV-igcEXPMJb1pgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3B_Igpc9lycRpcLYvxlceupl0liA%26client%3Dca-pub-8431813121812491%26adurl%3D
Frame ID: D2D959A42264DE72C94F7441E743EE58
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGMVwAK8JsKd_NGAAuNACOpqRHYBUVxncYfYQ&u=%7CeNmdseWml8HfK0RIV%2BrDxW4qdbnnhZGz11UhD6UVSRs%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrkioGQbjiX2UtJ4DSk2Y8qTBW6ePtsKRIdL0zQ3LIJTTmmEwkDwUtC7BJxH29H4OxrgzV6Dq4S41VyKn827Chk4yOsdq0NfWdl6HMyF7DAb7T7DG5zwR2wHAKQfYwVg1O8u5_909USimAzA03hpbJ9Lu7s1nd5Ky6EipbcTPKB2Kyi2YnO5sOsNsd1lEGUMoaIojXfs4PSxw4IX-yPMLmnaDR4p63ltUN23wn-bxlVJkZ6E3BvaGfLfkr81EoNSo_TTCV4l3jccNG_I-rHrvHNeeafwt3zB60EcRbUBfpJ3X2Jxv10EY9d2ia99VK6Dm3xauCTIJUzH2LIMzH3TXAMIyhcS85Zu-JIsTaustI33eAbfm-O-zgGs-pSTcbKMrHpMftZ_aEjMACapvQ6dlU2hx4PrL7dHDM1x3hpLBbOUlI5RCUPEM8ynRvoZ-wvuuc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnx28V4wxYpvhK8bm3wOAmq6ABOSP0rFcp5LhiIgBwI23ARABIABguwaCARdjYS1wdWItODQzMTgxMzEyMTgxMjQ5MaABvdSI6wPIAQmpAvTgHb7o5bU-qAMBqgTfAU_Q1Aup6Rt2m-SZJh-908l9L-7R_vTTecGPpH9OsD6Zcq77sIALntyES6hVVMpqd4bU-tY_3jrIEbAdSBRYbx1oOGrl9TTm4LhKxdAtFZH4dpH7r56ikRB7Gvu1vySBiYKbq7zAap9qr5NNL8_3I2RE-UMhzSt64dOcuG2OI1aouiKcTg7p8dTcWr24SyMSX5m2m7R4ZKKCFptyZYAj0cmZVAspQsGbh4kLDoqXzRGy22W8PDW40xPxg6EgXxzZiaHP7fB_S6HmnVVwiNXLxNtMVjucUYy588YssXBYf9eABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2M8GCCgh1DhtUzUGI3ChhqxBprGQ%26client%3Dca-pub-8431813121812491%26adurl%3D
Frame ID: 17C60946AF39EF825BA7F7A2DBFD0F27
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Xhw_M0l6ptRjT5fviZdmut9BPjYAyU223Oe_EyJMDPw.js
Frame ID: 5A65D931EF17B2637992857DB4DB5994
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&adk=1812271804&adf=3025194257&lmt=1647414361&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&plas=183x1080_l%7C183x1080_r&format=0x0&url=https%3A%2F%2Flegas.com.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414361136&bpp=2&bdt=2458&idt=2&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D768ad6fbed47e94f-225fe8d05dcd006f%3AT%3D1647414359%3ART%3D1647414359%3AS%3DALNI_MajBNGShooe-i1qiOe-C4CY5YxWrw&prev_fmts=300x250&prev_slotnames=2642460384%2C2642460384%2C3398747635&nras=1&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&psts=AGkb-H_mXAHakbl2asUAKTNFOzzph5XC5qoRwMcGF55ndnSww762XAvvFnnESHYys0xEzGwrnbzyT6B4dqwx%2CAGkb-H-qTjbkzmSetaZFaPk91oTropPxkPvgwGJZc4UySyxBf2gvz-C8_0xztVgQTC-jwUEHn6TrCZyRbUtmeec%2CAGkb-H8gCp6vcCdgx4chRCQ-X7dBny7m0rF3Z75bUG10oib54f0lvgASM3kEAGyx4J5bYI-5n_VXRDLj_mA%2CAGkb-H8lkAy9gINNie0FWQIJitVEP9h7B2DIag12X_2f8kv_fhEAHJhHbjMn2TXEb7v9rMIPDCpT-c5wY3CFT9A&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=19
Frame ID: 54CFBCF8E03FFBE0133E68DA4D77E2B0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 65BC3B161ACCDEAFBA257B347869E6D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F12A7E5F3872F1B46B6F2D0240AB37E5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Frame ID: D46B3349F482BE74F59C176E2011C261
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js
Frame ID: 2CABB5CF5FDB93B8C89D3EE0EC754F83
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6E0E5C2B19C9149611EEA37E99B00D13
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Xhw_M0l6ptRjT5fviZdmut9BPjYAyU223Oe_EyJMDPw.js
Frame ID: 6597FD99BA071DFBD5D8A438C917B4A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Правовой портал

Page URL History Show full URLs

http://legas.com.ua/ HTTP 301
https://legas.com.ua/ HTTP 302
https://legas.com.ua/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

156
Requests

92 %
HTTPS

66 %
IPv6

32
Domains

40
Subdomains

32
IPs

7
Countries

1514 kB
Transfer

3915 kB
Size

14
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://caddy.com.ua/magazin/category/view/5.html

Search URL Search Domain Scan URL

URL: http://salutes.com.ua/
Title: Наш магазин

Search URL Search Domain Scan URL

URL: http://forum.legas.com.ua/
Title: ФОРУМ

Search URL Search Domain Scan URL

URL: http://caddy.com.ua/magazin/product/view/5/85.html
Title: Volkswagen Tiguan (3000 грн)www.caddy.com.ua

Search URL Search Domain Scan URL

URL: http://www.meteoprog.ua/ua/weather/Kyiv/

Search URL Search Domain Scan URL

URL: http://mytop-in.net/

Search URL Search Domain Scan URL

URL: http://www.i.ua/
Title:

Search URL Search Domain Scan URL

URL: http://forum.legas.com.ua/index.php?topic=403.0
Title: Продажа Suzuki SX4 2007го года в хорошем состоянии, один владелец

Search URL Search Domain Scan URL

URL: http://forum.legas.com.ua/index.php?topic=402.0
Title: А какой сейчас механизм продажи авто?

Search URL Search Domain Scan URL

URL: http://banner.kiev.ua/
Title: Украинская Баннерная Сеть

Search URL Search Domain Scan URL

URL: http://www.novostimira.com.ua/
Title: Новости

Search URL Search Domain Scan URL

URL: https://clck.yandex.ru/redir/dtype=stred/pid=30/cid=1531/*http://maps.yandex.ru/kiev_traffic

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://legas.com.ua/ HTTP 301
https://legas.com.ua/ HTTP 302
https://legas.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://legas.com.ua/css/style.css HTTP 302
https://legas.com.ua/css/style.css

Request Chain 2

https://legas.com.ua/images/logo.jpg HTTP 302
https://legas.com.ua/images/logo.jpg

Request Chain 3

https://legas.com.ua/images/ad/caddy_seats_new2.gif HTTP 302
https://legas.com.ua/images/ad/caddy_seats_new2.gif

Request Chain 6

https://legas.com.ua/images/poll.jpg HTTP 302
https://legas.com.ua/images/poll.jpg

Request Chain 7

https://legas.com.ua/images/arrow.jpg HTTP 302
https://legas.com.ua/images/arrow.jpg

Request Chain 16

https://legas.com.ua/images/bg.jpg HTTP 302
https://legas.com.ua/images/bg.jpg

Request Chain 17

https://legas.com.ua/images/menu_bg.jpg HTTP 302
https://legas.com.ua/images/menu_bg.jpg

Request Chain 18

https://040510111616.c.mystat-in.net/?i040510111616&t4&g27&w1600&c24&r&v3&j0 HTTP 301
https://webcache.pp.ua/w HTTP 302
https://pubmedya.net/to2/tesco.com/ HTTP 307
https://www.zenaps.com/rclick.php?mid=23729&c_len=2592000&c_ts=1647414262&c_cnt=922583%7C0%7C0%7C1647414262%7Cat106243_a155926_m14_p76740_t61240_cDE_f14%7Caw%7C0&ir=4ebb5520-a4f7-11ec-931c-22627d215c9c&pr=https%3A%2F%2Fwww.tesco.com%2Fclubcard%2Fclubcard-plus%3Fsc_cmp%3Daff%2Aawin%2Accplus%2Aadgoal%2BGmbH%2B-%2BIncentive_922583%26utm_medium%3Dclubcard_plus%26utm_source%3Daffiliate_window%26utm_campaign%3Daff%2Aadgoal%2BGmbH%2B-%2BIncentive_922583%26awc%3D23729_1647414262_b13b4be2fc12c7758ead6a1a679f6e09&bId=HLEX_62318bf6b10342.43451687&cookie=1&c_d=zenaps.com HTTP 302
https://www.tesco.com/clubcard/clubcard-plus?sc_cmp=aff*awin*ccplus*adgoal+GmbH+-+Incentive_922583&utm_medium=clubcard_plus&utm_source=affiliate_window&utm_campaign=aff*adgoal+GmbH+-+Incentive_922583&awc=23729_1647414262_b13b4be2fc12c7758ead6a1a679f6e09

Request Chain 27

https://legas.com.ua/images/footer_bg.jpg HTTP 302
https://legas.com.ua/images/footer_bg.jpg

Request Chain 155

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

156 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
legas.com.ua/
Redirect Chain

http://legas.com.ua/
https://legas.com.ua/
https://legas.com.ua/

100 KB
18 KB

904ms
904ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://legas.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 908c38c2903c40a2cfdaddb865ce6dcab718d3361536cdfda07d9c730de53421

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Wed, 16 Mar 2022 07:05:58 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTEV639e2JeYaRFEQb1fcEdTGjep9lgW386NV%2FvstnY9F8N8UDJpHScXJrLDp%2FxnkxDc6bzNw%2BHfEeISCjZh0OguaIjuz6yTEoiFpXqNxIihkJ0iU%2BLUA%2FH%2By5sD8rc%2BafPEQwD%2BmwXCyj0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ecba4b82c7e7689-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 16 Mar 2022 07:05:57 GMT
pragma: no-cache
cache-control: no-cache
location: /
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SUBZdCKtesPpimgcAQNMzV%2FkCdGcn5xJEybi0gXsF96CWcKwtfpTdbfXtPl6pR6lvwOwUJkHmXRfoZa1JgST%2BiH9sEKhplk8w3GXQnVNL6%2FsI3WLwhFwW6Lai42HXHZKEJEcZA67tO0Eh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ecba4b6daf27689-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

style.css
legas.com.ua/css/
Redirect Chain

https://legas.com.ua/css/style.css
https://legas.com.ua/css/style.css

5 KB
1 KB

326ms
325ms

Stylesheet
text/css

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://legas.com.ua/css/style.css
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 64f4ced5d55df1d2b68756fbeffafd50b5d09c3ad7703f89a0660269a4ea3a54

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk: PleskWin
last-modified: Mon, 04 Jan 2021 23:58:33 GMT
server: cloudflare
etag: W/"f6485582f5e2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcVFxKQPE4cacIR4wYb3y5eFf%2FIJ9YRKTtwVyJkIokexojsM8w%2BTqoU1ZuBVchACcFCFBXJpj2gqRVlrQhiW2vcCtFSDUDkLrsjIYVdiuz7EjwOxRgD60bZCJZcwHoM1d93ARWydsUHgHkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6ecba4bf390772a0-LHR

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:05:58 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LyWaEV3mzVfwNfla%2FgFW8GNo3N33OEAgR3gyWROxtvQIpVtIVtAVxBkz3UBztuyqB7V5vju24zpu2fAooOg8912rHa8ikApOcRvlrObwY%2BJ4%2Bx4BpXZlMYQJOPcicdZc5%2FGkFyqLNyJ81E%3D"}],"group":"cf-nel","max_age":604800}
location: /css/style.css
cache-control: max-age=14400
cf-ray: 6ecba4bde81a72a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-1.4.2.min.js Show response
legas.com.ua/js/ 87 KB
28 KB 482ms
482ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://legas.com.ua/js/jquery-1.4.2.min.js
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8d61bc67c5b06bbd0e0787fc1e661c2fb58ba72c46b7b05ca3ee94c20e599130

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk: PleskWin
last-modified: Mon, 04 Jan 2021 23:59:05 GMT
server: cloudflare
etag: W/"567c5795f5e2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LA3QX0mddYRjC9t6KVLd3dWLXaIo0SBSPRl4cuP8CJ3Ay%2FWx2zY5CUnye1ZzzGubRsa3BFkYJpccOaZk0VFXWKaRV7Pa%2FodT8pj52sAWl46pa9gmCKLYu14Mi%2FioyML%2BlnW62GpJ3U%2BQWEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6ecba4bde81d72a0-LHR

GET
H3

200

logo.jpg
legas.com.ua/images/
Redirect Chain

https://legas.com.ua/images/logo.jpg
https://legas.com.ua/images/logo.jpg

30 KB
30 KB

326ms
326ms

Image
image/jpeg

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://legas.com.ua/images/logo.jpg
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 79d43d860bcaf8b62c343669b1c7c7acf20a83d0a35ade74f875c8157e71bbd4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30504
x-powered-by-plesk: PleskWin
last-modified: Mon, 04 Jan 2021 23:58:58 GMT
server: cloudflare
etag: "1fa77791f5e2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXLlUWBXVRKevaLvr%2BNrsZoEetKRovjuKys9YnD5RnmWVKvTmCTAogGSES%2BffvAg%2BAUlkFC%2Bwc9k54mhUQN3YL3OVYIYd5vQ6rnPYThiR%2FRKbvOblZYHbRKtnfFkKv7h9VHs29iapBBsRPM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ecba4c2bbee72a0-LHR

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Fs8aCnzFctyB1LVD%2FooR4bksi1CVK%2FN9zi5KGvcy43Qnj3yjwjg%2FTU03wP8kk7jpjvxp11OxKIR%2B%2BwywSGs67qyh6PFiBCQ%2Fy8O2kmIBK3Yryl2z0nQb1A2UM%2Fm8hF6ZIHbO%2Fh6rLqJzgw%3D"}],"group":"cf-nel","max_age":604800}
location: /images/logo.jpg
cache-control: max-age=14400
cf-ray: 6ecba4c14aaf72a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

caddy_seats_new2.gif
legas.com.ua/images/ad/
Redirect Chain

https://legas.com.ua/images/ad/caddy_seats_new2.gif
https://legas.com.ua/images/ad/caddy_seats_new2.gif

69 KB
70 KB

467ms
467ms

Image
image/gif

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://legas.com.ua/images/ad/caddy_seats_new2.gif
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 21583f7002df3434278d0ac87cde6b062999b39689e75945e152f8a5e75ef7fe

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70616
x-powered-by-plesk: PleskWin
last-modified: Mon, 04 Jan 2021 23:59:03 GMT
server: cloudflare
etag: "beb02894f5e2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfeoZRcyoRBNlsMTi67kyoSOoe3WE2fCp9kMfkQubNX7BwG3%2BX9hOfQEeZbGzQD5VMknA9w%2FLWksF0r24FOmphqzQabNbNm2pERfFURS8yFX9%2FwtVK7htiOR3ayj38n18XkZO5yJFkUTN9I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ecba4c28bdb72a0-LHR

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Kqk5KUexK8A9gMS%2B2LzBi0PACat8BPc3naoouqMUdgmQgh1KtIwpUI53vLnZKUDpAqVCxBk6lc9PRBrk7T9Y6NhYldy9FdsN0ECXm1u3CqPQUVXF17yQsL0NNojmmQM4d4JBDugQbs6cWE%3D"}],"group":"cf-nel","max_age":604800}
location: /images/ad/caddy_seats_new2.gif
cache-control: max-age=14400
cf-ray: 6ecba4c14ab172a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 VWTGN-1.gif
caddy.com.ua/components/com_jshopping/files/img_products/ 0
0 314ms
82ms Image
text/html 45.94.156.135
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://caddy.com.ua/components/com_jshopping/files/img_products/VWTGN-1.gif
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.94.156.135 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 135.156.94.45.uashared18.twinservers.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 500 /
www.meteoprog.ua/ua/informerget/ 0
171 B 186ms
81ms Image
text/html 49.12.116.255
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.meteoprog.ua/ua/informerget/?type=4&city[]=Kyiv&color=13659f&txtcolor=FFFF00
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 49.12.116.255 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.255.116.12.49.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:05:59 GMT
last-modified: Wed, 16 Mar 2022 07:05:59GMT
server: nginx
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

poll.jpg
legas.com.ua/images/
Redirect Chain

https://legas.com.ua/images/poll.jpg
https://legas.com.ua/images/poll.jpg

2 KB
2 KB

330ms
330ms

Image
image/jpeg

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://legas.com.ua/images/poll.jpg
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a6e648923be27227370e476a3fe1b29b7d43f486b80ffb409a04d7b6ef3909ca

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1616
x-powered-by-plesk: PleskWin
last-modified: Mon, 04 Jan 2021 23:58:59 GMT
server: cloudflare
etag: "6e56a791f5e2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pFn7EpYYKrT%2BRXY6WyTR9GKjLsE6GxoFe4ErzmWTScnP7wJApdPN4PdwouDm3TckrgdVeQZU2%2BQSg15qqtbLS93l8EcfFDytQKFVtaMjUc%2F5LY2Bjsa5rOgMa0Epzt7KZsXuUbsihUelaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ecba4c2ec0c72a0-LHR

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkCeIVEGMdl79xEVLy62TsWfqpZtNbolxJ%2FqtcqhHYh%2FkSGVqeTq0CkA7JI8JaFOe5lQxdrO5ap9DY4Z7Jlg1DENEr4vdSvTKcRwVQBfF%2FyfllF8DcxdQswy9oGehgkJXoO4xy5CUs0%2BTzc%3D"}],"group":"cf-nel","max_age":604800}
location: /images/poll.jpg
cache-control: max-age=14400
cf-ray: 6ecba4c14ab672a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

arrow.jpg
legas.com.ua/images/
Redirect Chain

https://legas.com.ua/images/arrow.jpg
https://legas.com.ua/images/arrow.jpg

349 B
935 B

324ms
324ms

Image
image/jpeg

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://legas.com.ua/images/arrow.jpg
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6edbf13af2f07f3ff6cf1b7ab649b8c6c28d247f2d7750a8593bd534de07d744

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 349
x-powered-by-plesk: PleskWin
last-modified: Mon, 04 Jan 2021 23:58:51 GMT
server: cloudflare
etag: "a7af18df5e2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ss1urlDm4m%2B4olszYCsQ2eNg1uSFeNBY4FhMedMkHIiJoy997vgzfZZa4AMWmzgjbd%2BaurYVeTvAqhDEh2MMxoKlrHYCqJpBz598bU4Sbi7PYNWwdd2ExFurJ3q57Xu5yHP1EPqGLdLrDfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ecba4c2bbf072a0-LHR

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDcDSdlwrmen3trgDhVcrhlUj8ASvOeEyJ06%2FBem5LUxO6oGcWL3ffifIe%2F2hqm1FbNDO0rwU8zD%2FNbt%2FCx3rCDbKwI0oG7LqStVzNw7b%2BFHl6bOoiATsoVZlbxu5rjiVHmO3fdU18xRDDQ%3D"}],"group":"cf-nel","max_age":604800}
location: /images/arrow.jpg
cache-control: max-age=14400
cf-ray: 6ecba4c14ab872a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 114 KB
40 KB 148ms
66ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: legas.com.ua
URL: https://legas.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e91164aa903deff74af4c0d4cf7a42b9954783d8ed0d6f022a59bf8c7f8055d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40072
x-xss-protection: 0
server: cafe
etag: 2505470169299618564
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 07:05:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 169ms
114ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: legas.com.ua
URL: https://legas.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a05baae3f8bd00c0bb61fb28fb26b8984ec2c427651ad5fc472d5cbb4d5bb4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53726
x-xss-protection: 0
server: cafe
etag: 6811499196077626407
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 07:05:59 GMT

GET
H2 404 current_traffic_150.gif
info.maps.yandex.net/traffic/kiev/ 0
0 288ms
61ms Image
text/html 2a02:6b8::130
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.maps.yandex.net/traffic/kiev/current_traffic_150.gif
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::130 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 404 script.js
cpa.com.ua/get_js/ 0
0 848ms
741ms Script
text/html 2606:4700:3033::6815:2c6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpa.com.ua/get_js/script.js?aid=90
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2c6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
47 KB 141ms
59ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2VDHS

Requested by

Host: legas.com.ua
URL: https://legas.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3786fa3025a8b58853a0cb4c4b7f6dc64a31985c65c26a62d5f0f65070f40e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47445
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Mar 2022 07:05:59 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 127ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: legas.com.ua
URL: https://legas.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07d35956fd55c041947e38467170f7aa5931dc36239b107ff4229673fd183dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sXd9foaNAo98YLcIhLFrEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 16 Mar 2022 07:18:04 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: bGYCJGrcvQ580oQSvOGKSUsJI6tZRgqkWHJChUWxqMDk1I9KWpUF1WVEhMWoxSZeCWav8NYED5jA6Pu040vPTg==
x-fb-trip-id: 686109401
x-fb-content-md5: a53d5b9cee2ecdb56fe6369125aa5b6f
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 16 Mar 2022 07:05:59 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0a71ed2ba786be32d162c3ed6f6b4e72"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 100ms
33ms Script
text/javascript 2a00:1450:400e:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: legas.com.ua
URL: https://legas.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3019
date: Wed, 16 Mar 2022 06:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 16 Mar 2022 08:15:40 GMT

GET 155
a1.admaster.net/a/10507/ 0
0

GET
H3

200

bg.jpg
legas.com.ua/images/
Redirect Chain

https://legas.com.ua/images/bg.jpg
https://legas.com.ua/images/bg.jpg

374 B
962 B

321ms
321ms

Image
image/jpeg

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://legas.com.ua/images/bg.jpg
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/css/style.css
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a86b3a844dad8b4c5673af644a74b9046f920772bfc75d0f5fa0704d19510d2e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/css/style.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 374
x-powered-by-plesk: PleskWin
last-modified: Mon, 04 Jan 2021 23:58:53 GMT
server: cloudflare
etag: "4fb55d8ef5e2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBWxulikqzqeoctiBZkuajID%2Bu4RLleDmiTrFdId906hzHuqGLsIv8FbzGE71gazqCLvhMiP6PPPqL0nC%2FIZsD700RzOght5WxOpTw%2BFfqpJF8hunOXWRBcoTmOiC3pQqLhbP11dDGFecRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ecba4c2bbef72a0-LHR

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lW%2FsK1S94YG4syA5d4lDK%2FYNdBNl70HJFBVWScm3i5HM5%2B%2Fs92bYlFOjhMjmSBYDy6a21TmGN%2FZ0jFlu2DHLKb4kzlvSkknBV%2FVpiGUfdFBIDYXWuju6sdYQblXyNh%2BqWYWmb%2FiyPgpyF8%3D"}],"group":"cf-nel","max_age":604800}
location: /images/bg.jpg
cache-control: max-age=14400
cf-ray: 6ecba4c14ab972a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

menu_bg.jpg
legas.com.ua/images/
Redirect Chain

https://legas.com.ua/images/menu_bg.jpg
https://legas.com.ua/images/menu_bg.jpg

1 KB
2 KB

327ms
327ms

Image
image/jpeg

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://legas.com.ua/images/menu_bg.jpg
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/css/style.css
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 720b21233cc3f5ac1443ecb48e8807913f0927ee4ffd04d805b76aa2b93bed2b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/css/style.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1106
x-powered-by-plesk: PleskWin
last-modified: Mon, 04 Jan 2021 23:58:59 GMT
server: cloudflare
etag: "c4928391f5e2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzNJdQnF7B3SIRIDvNeGZ0VdBqokkTvKGDr4uVW%2FljwKTcrlrMwjVplCTYMjIqob53qPUzLIkUM6WJc7NJvrKqLAnC5WGe4xwQFy9sV0PxTOn6tbgaMC%2BrLN1oKU%2FRzrAbpIsQrkY%2F7qliA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ecba4c2dc0b72a0-LHR

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TJqmKVyxcjb2Pb2oSWsKISOWfMHq8dIlTU1J9DKemQgrxmi802z4HUsm%2BcxmqXhFf1z52UzfjWky9d2buLi9RivaYSHGH08R6imVWb2hFYMSVKd5SfVLC%2Bj5YV5WPIFh2wcOXlAKFnZzxI%3D"}],"group":"cf-nel","max_age":604800}
location: /images/menu_bg.jpg
cache-control: max-age=14400
cf-ray: 6ecba4c14abc72a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

clubcard-plus
www.tesco.com/clubcard/
Redirect Chain

https://040510111616.c.mystat-in.net/?i040510111616&t4&g27&w1600&c24&r&v3&j0
https://webcache.pp.ua/w
https://pubmedya.net/to2/tesco.com/
https://www.zenaps.com/rclick.php?mid=23729&c_len=2592000&c_ts=1647414262&c_cnt=922583%7C0%7C0%7C1647414262%7Cat106243_a155926_m14_p76740_t61240_cDE_f14%7Caw%7C0&ir=4ebb5520-a4f7-11ec-931c-22627d21...
https://www.tesco.com/clubcard/clubcard-plus?sc_cmp=aff*awin*ccplus*adgoal+GmbH+-+Incentive_922583&utm_medium=clubcard_plus&utm_source=affiliate_window&utm_campaign=aff*adgoal+GmbH+-+Incentive_9225...

0
0

842ms
627ms

Image
text/html

104.117.203.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tesco.com/clubcard/clubcard-plus?sc_cmp=aff*awin*ccplus*adgoal+GmbH+-+Incentive_922583&utm_medium=clubcard_plus&utm_source=affiliate_window&utm_campaign=aff*adgoal+GmbH+-+Incentive_922583&awc=23729_1647414262_b13b4be2fc12c7758ead6a1a679f6e09
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: H2
Server: 104.117.203.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-203-148.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

Date: Wed, 16 Mar 2022 07:06:00 GMT
Allow: GET
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.tesco.com/clubcard/clubcard-plus?sc_cmp=aff*awin*ccplus*adgoal+GmbH+-+Incentive_922583&utm_medium=clubcard_plus&utm_source=affiliate_window&utm_campaign=aff*adgoal+GmbH+-+Incentive_922583&awc=23729_1647414262_b13b4be2fc12c7758ead6a1a679f6e09
Connection: keep-alive
Awin-Akamai-Rule-Set: default
Node: Helix
Strict-Transport-Security: max-age=86400
Content-Length: 0

GET /
c.bigmir.net/ 0
0

GET
H/1.1 200
OK s
r.i.ua/ 2 KB
2 KB 249ms
80ms Image
image/png 91.198.36.16
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.i.ua/s?u66180&p62&n0.6751521357156076&c1&d24&w1600&h1200&r/legas.com.ua/
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.16 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: r.i.ua
Software: nginx /
Resource Hash: d1c2e9328b066d24c8ca8aaf34bd48600051f29bbed7fb881d0ec669a39b49f0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 07:05:59 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/png
Expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 69ms
35ms XHR
text/plain 2a00:1450:400e:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1097959931&t=pageview&_s=1&dl=https%3A%2F%2Flegas.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=589378977&gjid=123492042&cid=243640378.1647414359&tid=UA-9703351-1&_gid=846866780.1647414359&_r=1&_slc=1&z=1935343368

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://legas.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:05:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://legas.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 280 KB
80 KB 82ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ad70519782240f38faef4ba3418aff05

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

121845511520714deea6789c66953a5574db3044180c58f20ee7a9589b06092e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://legas.com.ua/
Origin: https://legas.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: swZdCRLkhVuo4UeE4sV/JQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 16 Mar 2023 01:17:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 81452
x-fb-rlafr: 0
x-fb-debug: 3jbrS3qE8Y41Yd0CgMq1Q4l32hSn2SL8/LcvW3KOf+HooWCPJb7SU/iG/ONhLlfGxAl3fCmh3l9mNU82fnvCpg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 8844a83e5e1f3917d827d05144fbd217
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 07:05:59 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "bd14c3057eb46883b15c35ff46f57733"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 292 KB
105 KB 113ms
67ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=pub-8431813121812491&plah=legas.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

367d053e8897caf949a1dcd81d7366ff932c8dec0ab27d6464fbbc6a985f9d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107541
x-xss-protection: 0
server: cafe
etag: 14193609614327123440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 07:05:59 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 96ms
32ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-9703351-1&cid=243640378.1647414359&jid=589378977&gjid=123492042&_gid=846866780.1647414359&_u=IEBAAEAAAAAAAC~&z=330113135

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://legas.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 16 Mar 2022 07:05:59 GMT
content-type: text/plain
access-control-allow-origin: https://legas.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 1322
g.novostimira.biz/l/ 0
0

GET
H/1.1 200
Ok ya.ru
clck.yandex.ru/click/dtype=stred/pid=30/cid=1529/*http:// 43 B
429 B 197ms
65ms Image
image/gif 2a02:6b8::14
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clck.yandex.ru/click/dtype=stred/pid=30/cid=1529/*http://ya.ru

Requested by

Host: legas.com.ua
URL: https://legas.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::14 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Cache-Control: no-cache
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Content-Type: image/gif

GET
H3

200

footer_bg.jpg
legas.com.ua/images/
Redirect Chain

https://legas.com.ua/images/footer_bg.jpg
https://legas.com.ua/images/footer_bg.jpg

307 B
892 B

323ms
323ms

Image
image/jpeg

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://legas.com.ua/images/footer_bg.jpg
Requested by: Host: legas.com.ua
URL: https://legas.com.ua/css/style.css
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 59729251e018160eeed443c848fa5fd802b40e984b5afe60560c3cbe9d7b4612

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/css/style.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 307
x-powered-by-plesk: PleskWin
last-modified: Mon, 04 Jan 2021 23:58:56 GMT
server: cloudflare
etag: "a93d4b90f5e2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7tWxcooLk0NFyPyaOM91Hls7WGKdr24RIUqWPVZNiYumrUbOnHnOD5Ie7KSA6JJwn9S8BdvYuCjQJ3iof8aI2niWqQVwW4lrAxYjOj08BnwsYJDsNyGpRwPkPZrm8fbIlDGiCEfmAfgBDs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ecba4c40d0072a0-LHR

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:05:59 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIGUqlo5VOfx60pTTVKeDnT0hQiPuhoZdg54jA7piMQAsQJDJxn0wUXTiesDfRHbcHgu3%2BogeQm0hW%2FVKEFMSrBkfBWq2hxIw3grPmhMmA2NUnpyR%2BKL8im330CCMbq63QjAYbvwLstomZs%3D"}],"group":"cf-nel","max_age":604800}
location: /images/footer_bg.jpg
cache-control: max-age=14400
cf-ray: 6ecba4c2bbf472a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/ Frame 30D0 10 KB
5 KB 136ms
38ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 16 Mar 2022 01:29:16 GMT
expires: Wed, 30 Mar 2022 01:29:16 GMT
cache-control: public, max-age=1209600
age: 20203
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 152ms
48ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=legas.com.ua&callback=_gfp_s_&client=ca-pub-8431813121812491

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=pub-8431813121812491&plah=legas.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

dc51d39a01a5ff2f42ec254801d29f48887ca6b2c6faac880cdf1787d0471cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 152ms
47ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=legas.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 145ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=legas.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 54E0 83 KB
30 KB 388ms
343ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e39a21f14be2e5ac38868ec8d10cbc92aa9d55dcff2caa684efc1e606d7d0d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 07:06:00 GMT
server: cafe
content-length: 30715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:06:00 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 27E4 108 KB
17 KB 302ms
282ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1365725250&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359422&bpp=6&bdt=744&idt=235&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2642460384&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WVBJnTuZfg&p=https%3A//legas.com.ua&dtd=238

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8808647c199175f16b3f7477a261b65f430d8dbdf81a7eeba96bce35dfcf4d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 07:05:59 GMT
server: cafe
content-length: 17840
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:05:59 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9BF4 24 KB
10 KB 405ms
391ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=600&slotname=3398747635&adk=240658524&adf=1605720054&pi=t.ma~as.3398747635&w=160&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359446&bpp=11&bdt=768&idt=217&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2642460384%2C2642460384&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1179&ady=2285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CeNS72eKf6&p=https%3A//legas.com.ua&dtd=219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be5918ab38ddc24691850454dc810ece96f01829014fc3bcdaee6550e80875c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 07:06:00 GMT
server: cafe
content-length: 10207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:06:00 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE0F 24 KB
10 KB 426ms
416ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=250&slotname=8161031849&adk=4210853449&adf=3405296861&pi=t.ma~as.8161031849&w=300&lmt=1647414359&psa=0&format=300x250&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359473&bpp=2&bdt=796&idt=195&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2642460384%2C2642460384%2C3398747635&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=iu6y9bJk4H&p=https%3A//legas.com.ua&dtd=197

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a06cedcdf4af73ed36a6668f0e7d43274e27103985151eed347825f1d64537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 07:06:00 GMT
server: cafe
content-length: 10188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:06:00 GMT
cache-control: private

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202142035000/ Frame 27E4 220 KB
61 KB 167ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1365725250&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359422&bpp=6&bdt=744&idt=235&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2642460384&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WVBJnTuZfg&p=https%3A//legas.com.ua&dtd=238

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 129261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61563
x-xss-protection: 0
server: sffe
date: Mon, 14 Mar 2022 19:11:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "74cdf3878bfbef53"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Mar 2023 19:11:39 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 27E4 16 KB
6 KB 265ms
136ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 94389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
server: sffe
date: Tue, 15 Mar 2022 04:52:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42a91727bcc93df1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Mar 2023 04:52:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 27E4 96 KB
29 KB 248ms
121ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 129261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29577
x-xss-protection: 0
server: sffe
date: Mon, 14 Mar 2022 19:11:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42f1ed997a28c2a2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Mar 2023 19:11:39 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 27E4 74 KB
17 KB 239ms
113ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2ed8a35d6fd1f5bf0923284f1b2e0400a97cbaacd5abb2c674ce566b0e81fec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 129258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17325
x-xss-protection: 0
server: sffe
date: Mon, 14 Mar 2022 19:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a19a9ab87656847d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Mar 2023 19:11:42 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 27E4 5 KB
2 KB 264ms
138ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 129261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1873
x-xss-protection: 0
server: sffe
date: Mon, 14 Mar 2022 19:11:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8e63b195883091b5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Mar 2023 19:11:39 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 27E4 42 KB
13 KB 228ms
102ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 129261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13633
x-xss-protection: 0
server: sffe
date: Mon, 14 Mar 2022 19:11:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c67c66f710e82a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Mar 2023 19:11:39 GMT

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 27E4 3 KB
3 KB 169ms
77ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 04:23:56 GMT
x-content-type-options: nosniff
server: cafe
age: 9724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Thu, 17 Mar 2022 04:23:56 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 27E4 344 B
474 B 136ms
45ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 50815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 16 Mar 2022 16:59:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 27E4 0
21 B 59ms
58ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnFIQV4wxYqvYK7aNjuwPtJGXgAPQnKOYaObG14OqDr_hHhABIPnjvxlguwagAcmx0L8CyAEJqQIcjPoUpOa1PqgDAcgDCKoE-AFP0Nc5Xich859M-ioaeXW8aFEzQzibANYlsV7LgiLqu9zOx35Vi2aFBBd3SGxM1gFoigyyT5AFInXNbngMvaMrJV6jEjKd2KbRoQoDd5usXkdsTGC4mZ8AGpl1fyuBwJcXRGvH3patmhjy5fBK4SxpgAHjKW765S_LfsUEWsE5Bv_MZDU7XoluQlv8d28GdYYRo2MEOv8iuPtC0puvg901D1hOglVrk8j7c3Bu6gNqB0CDhz1GvvOTMQ0b-eq0dHROLuAjv9N1I0jxvWVRpaEmn_XbFuRXAzKKqjoDR16X2r_MwJ3ibea1DJciEGNb7DPB3xUu4dS85sAEn6vcjv4CiAX6x8iMJ6AGLtgGAoAH-pTpZagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEKVBoAiKFrAIAtIICQiA4YAQEAEYH4AKAcgLAdgTA4IUDhoMbGVnYXMuY29tLnVh0BUBmBYBgBcBshccChoIABIUcHViLTg0MzE4MTMxMjE4MTI0OTEYAA&sigh=MwobNFsQ5qk&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1365725250&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359422&bpp=6&bdt=744&idt=235&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2642460384&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WVBJnTuZfg&p=https%3A//legas.com.ua&dtd=238
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 07:06:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Mar 2022 07:06:00 GMT

GET
DATA 200
OK truncated
/ Frame 27E4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9abd61a568a3bdeb52d1ef567f71ef5afa79da30f9f66a378e9546deca5e7008

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bg.jpg
tpc.googlesyndication.com/sadbundle/12918483168932676592/ Frame 27E4 4 KB
4 KB 158ms
69ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12918483168932676592/bg.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df04c0b9e27ce616ade774931d8007676641aa32b224321c11bf91c8c6ea588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 18:34:12 GMT
x-content-type-options: nosniff
age: 45108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4406
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 12:14:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 18:34:12 GMT

GET
H2 200 soldo_logo.png
tpc.googlesyndication.com/sadbundle/12918483168932676592/ Frame 27E4 6 KB
6 KB 160ms
71ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12918483168932676592/soldo_logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fef1de921ceb5aaf02cdd59f48ac20bb471a408d3f07eccde978f25cf88a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 18:34:12 GMT
x-content-type-options: nosniff
age: 45108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 12:14:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 18:34:12 GMT

GET
H2 200 learn-more.png
tpc.googlesyndication.com/sadbundle/12918483168932676592/ Frame 27E4 6 KB
6 KB 135ms
47ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12918483168932676592/learn-more.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12cb17ca2b8ce4bd3fe08ef923a93160b1cc2709c1e5efd0e9a1ee8af9d11c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:03:42 GMT
x-content-type-options: nosniff
age: 50538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 12:14:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 17:03:42 GMT

GET
H3 200 card.png
tpc.googlesyndication.com/sadbundle/12918483168932676592/ Frame 27E4 28 KB
28 KB 102ms
54ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12918483168932676592/card.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ed52042801bb1b9dbdca21c8ee7b98cc639f0f7ca655d1018ad8dfcd1b10ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:03:42 GMT
x-content-type-options: nosniff
age: 50538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28240
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 12:14:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 17:03:42 GMT

GET
H3 200 f2_ticket.jpg
tpc.googlesyndication.com/sadbundle/12918483168932676592/ Frame 27E4 3 KB
3 KB 101ms
52ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12918483168932676592/f2_ticket.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad3409471389f0bd43787e12f01156a029b551d682f7a3f8a4250f7c573c23d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:03:42 GMT
x-content-type-options: nosniff
age: 50538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2646
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 12:14:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 17:03:42 GMT

GET
H3 200 phone.png
tpc.googlesyndication.com/sadbundle/12918483168932676592/ Frame 27E4 3 KB
3 KB 94ms
46ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12918483168932676592/phone.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

148ef779f4cbcf2705a45d8bfe98a99a2295f3ef695621db25d1825bfc516c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:03:42 GMT
x-content-type-options: nosniff
age: 50538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3050
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 12:14:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 17:03:42 GMT

GET
H3 200 f5_transaction.png
tpc.googlesyndication.com/sadbundle/12918483168932676592/ Frame 27E4 3 KB
3 KB 98ms
50ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12918483168932676592/f5_transaction.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72e00333a9da62f5eeb0fc1046b0ca4c9b1e30dcd28d283dab8878d9ff02aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:03:42 GMT
x-content-type-options: nosniff
age: 50538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2934
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 12:14:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 17:03:42 GMT

GET
H2 200 A.woff2
tpc.googlesyndication.com/sadbundle/12918483168932676592/_genassets/ Frame 27E4 13 KB
14 KB 126ms
38ms Font
font/woff2 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/12918483168932676592/_genassets/A.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6fc15d2759ac924b29cf9d8508e5cdae93ebd9053852020fd9206a77cb8898e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:03:42 GMT
x-content-type-options: nosniff
age: 50538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13536
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 12:14:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 17:03:42 GMT

GET
H2 200 eb03ae4a64bc28140afe8fd5a16bbea0.js Show response
www.gstatic.com/mysidia/ Frame 54E0 9 KB
4 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eb03ae4a64bc28140afe8fd5a16bbea0.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb6019241751dffe336346c5c4540634a286aa657911b6766b77e6ee4da3620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 03:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3743
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 07:09:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 03:16:11 GMT

GET
H2 200 daef75a5e808c3b530434f7f22bcc99d.js Show response
www.gstatic.com/mysidia/ Frame 54E0 14 KB
6 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/daef75a5e808c3b530434f7f22bcc99d.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f83c0812d2ef30a334de87811cf685f2d21e23c4b6785926f987c4e164e7e3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5924
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 07:09:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 17:37:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 54E0 7 KB
1 KB 129ms
46ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

913b157f2689c81cfbf6940661dad51919048b2af4edfd4b956eeda00850a42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:40:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 07:06:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 07:06:00 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 54E0 2 KB
904 B 65ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:44:36 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame 54E0 6 KB
2 KB 121ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 23:17:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 22:54:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 54E0 19 KB
8 KB 70ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:03:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:03:28 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 54E0 2 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:12:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54E0 117 KB
36 KB 141ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:06:00 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 54E0 15 KB
6 KB 72ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:02:23 GMT

GET
H3 200 7a99daadf072127ada89333d533e295f.js Show response
www.gstatic.com/mysidia/ Frame 54E0 28 KB
12 KB 82ms
37ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a99daadf072127ada89333d533e295f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11822
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 23:17:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 22:32:37 GMT

GET
H2 200 like.php Show response
www.facebook.com/v2.0/plugins/ Frame 006C 20 KB
11 KB 198ms
110ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df69dba3ccb4788%26domain%3Dlegas.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flegas.com.ua%252Ff1b3003cba51c24%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Flegas.com.ua%2F&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&width=230

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ad70519782240f38faef4ba3418aff05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0704a59850bcb5dc385e39444939911c69c1e351b0dfce5dcb861911fb18fdb2

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v6.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: xCO5w+DJ4BUfiMthCDC1NydAUg253HsVmO4O9PC3HM3tAOirMmdxdyRZUWujZezHKU/zMp8JA2/aDDFCT1/xYg==
date: Wed, 16 Mar 2022 07:06:00 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 9BF4 2 KB
1 KB 91ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=600&slotname=3398747635&adk=240658524&adf=1605720054&pi=t.ma~as.3398747635&w=160&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359446&bpp=11&bdt=768&idt=217&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2642460384%2C2642460384&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1179&ady=2285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CeNS72eKf6&p=https%3A//legas.com.ua&dtd=219

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:12:56 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 9BF4 15 KB
6 KB 83ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:01:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BF4 117 KB
36 KB 105ms
96ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:06:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame FE0F 2 KB
1 KB 89ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=250&slotname=8161031849&adk=4210853449&adf=3405296861&pi=t.ma~as.8161031849&w=300&lmt=1647414359&psa=0&format=300x250&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359473&bpp=2&bdt=796&idt=195&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2642460384%2C2642460384%2C3398747635&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=iu6y9bJk4H&p=https%3A//legas.com.ua&dtd=197

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:12:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE0F 117 KB
36 KB 134ms
125ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:06:00 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame FE0F 15 KB
6 KB 85ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:01:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9BF4 0
0 53ms
53ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co8XwV4wxYsfQK4iDjuwP54y2yALkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTg0MzE4MTMxMjE4MTI0OTGgAb3UiOsDyAEJqQL04B2-6OW1PqgDAaoE4gFP0LwWxDY55279YzSYNmha0IbXOYqMp7E2_5-Vj_hdkENVgyJg26PhXy_HFnEL2cNJR5Obkr2djtpgh_TEN4UUBfzPh9nI6onxOVK4e69dX70Ky3NH2WOrruDtHQgEs2iKOYl7_Lz4F4lWM-hTlBfTG2NobGs6ZKIGNjY4MkTcxbng9byHzWwr5u1OHijYbl_Xc-deC9FZEbDWAc0aRu4-WPN6VFTEi9-U3mwBpz3H01yHyrhH0dEIUCpUXLhy-uY0jt4mIC2j1ayNnMP7mz3HW8Mo_Ihk5OustP454vmb-3ZfgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODQzMTgxMzEyMTgxMjQ5MRgA&sigh=ioI93QzyNsw&uach_m=[UACH]&cid=CAQSGwCNIrLMydsZRXH3cLzoZsZofwUQwFGXEHABcBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=600&slotname=3398747635&adk=240658524&adf=1605720054&pi=t.ma~as.3398747635&w=160&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359446&bpp=11&bdt=768&idt=217&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2642460384%2C2642460384&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1179&ady=2285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CeNS72eKf6&p=https%3A//legas.com.ua&dtd=219
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 07:06:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 9BF4 0
0 115ms
36ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UOrgEsiBMKAB2ASH-lcYAgAAABvxf8LzGKerEFeMMWKC40MWbd4yNjpaZAAS&wp=YjGMVwAK6EcHg4GIAA2GZyrIw0mf-1YrxaLoxg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 226084
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D2D9 127 KB
44 KB 157ms
87ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGMVwAK6EcHg4GIAA2GZyrIw0mf-1YrxaLoxg&u=%7CeNmdseWml8HGtg8BeCGI3v5SgH%2Bmi7QkrOcpVrKseoE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrkioGQbjiX2UGuAuv14bEENvt7UL12F9G63fZnGxmyehet7rsSafFPjqPOGxiH_QGjycOizojiWsErpMD7UbKUOWJeZw5zUoGuIUawCvZaubaQ5uMIcaV0oiCks-v4jncq2ucO8tUTv8WSvZ7A86j0-ZoYhgDY4JnNJ7pwXseCekBrL8TA5hiy3oKd734Fvf_xvJjZaY0CF1V-BuqvTMqNY11SuKviXtbk4Ns0VOQQAp6S-YBQtg2vPvTdo2Nb-joxFOvYiJjySkaP_mpb6lJ3nMV_ALwQnkIQqV-58oazioXsJhxa6joOvObnx33CHFCbKSi4miZX4s0xxdfDTXUYwrjU7oyG_y-xH2ob-2bK0ig6rDCnWqzAMJhym7gbShkHWYoPbqOTC_Ly9iKQ_Qv983qJANOhHRj7Ghff3i5Jgr3ZqoglWCJoGMvaQ8LvqSS&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDliWV4wxYsfQK4iDjuwP54y2yALkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTg0MzE4MTMxMjE4MTI0OTGgAb3UiOsDyAEJqQL04B2-6OW1PqgDAaoE5QFP0LwWxDY55279YzSYNmha0IbXOYqMp7E2_5-Vj_hdkENVgyJg26PhXy_HFnEL2cNJR5Obkr2djtpgh_TEN4UUBfzPh9nI6onxOVK4e69dX70Ky3NH2WOrruDtHQgEs2iKOYl7_Lz4F4lWM-hTlBfTG2NobGs6ZKIGNjY4MkTcxbng9byHzWwr5u1OHijYbl_Xc-deC9FZEbDWAc0aRu4-WPN6VFTEi9-U3mwBpz3H01yHyrhH0dEIUCpUXPpw23TnLCwjs9-sTS_pAGj4jzd7Ue0wJwb_gHcNC-AV-igcEXPMJb1pgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3B_Igpc9lycRpcLYvxlceupl0liA%26client%3Dca-pub-8431813121812491%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4ff0c30cd7b9ffc4518ae6aa013653e92365ac79fbec8e8e3dc5feddf36c5ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=PfHo2n6350ULFA0Abe70LZL4estzN17Fic2Po9XEUK2qMY3co1yTNjF6XAJxqXIHnhXnqgiGD7ONYHUSzE_vCSuTu8jUbIw4Eu04yzuaObzlL58XBwxuNPK11XkPpqllm6M4fFC6CsonLnq5srfD4ZFIZ92_NJlGV6mD9_w_TmO4F5zUGKxes5NjXx1aMOO8mwQPVsNOswfBmmyQVQuWq1e9c4-_6C_znZ6RFazJz4Ip5lSlPi0ND-YVp5OJo6Xa_4GNJQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 55334226
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FE0F 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEEdZV4wxYpvhK8bm3wOAmq6ABOSP0rFcp5LhiIgBwI23ARABIABguwaCARdjYS1wdWItODQzMTgxMzEyMTgxMjQ5MaABvdSI6wPIAQmpAvTgHb7o5bU-qAMBqgTcAU_Q1Aup6Rt2m-SZJh-908l9L-7R_vTTecGPpH9OsD6Zcq77sIALntyES6hVVMpqd4bU-tY_3jrIEbAdSBRYbx1oOGrl9TTm4LhKxdAtFZH4dpH7r56ikRB7Gvu1vySBiYKbq7zAap9qr5NNL8_3I2RE-UMhzSt64dOcuG2OI1aouiKcTg7p8dTcWr24SyMSX5m2m7R4ZKKCFptyZYAj0cmZVAspQsGbh4kLDoqXzRGy22W8PDW4kRHQEXKCrRlKe65XbpTj4KLyl-l6ps0QSkAoypojT6ChIkHGtOOABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NDMxODEzMTIxODEyNDkxGAA&sigh=LtRY6CDXewc&uach_m=[UACH]&cid=CAQSGwCNIrLMGh7wXJgNZosTr2lQyKtme52hw8BxnRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=250&slotname=8161031849&adk=4210853449&adf=3405296861&pi=t.ma~as.8161031849&w=300&lmt=1647414359&psa=0&format=300x250&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359473&bpp=2&bdt=796&idt=195&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2642460384%2C2642460384%2C3398747635&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=iu6y9bJk4H&p=https%3A//legas.com.ua&dtd=197
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 07:06:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame FE0F 0
0 109ms
34ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UOrgEsmBMKwC-gGH-lcYAgAAALcSZbLJfOw9EFeMMWKMKXzfiXN4E2IZygAS&wp=YjGMVwAK8JsKd_NGAAuNACOpqRHYBUVxncYfYQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 293293
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 17C6 120 KB
43 KB 216ms
149ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGMVwAK8JsKd_NGAAuNACOpqRHYBUVxncYfYQ&u=%7CeNmdseWml8HfK0RIV%2BrDxW4qdbnnhZGz11UhD6UVSRs%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrkioGQbjiX2UtJ4DSk2Y8qTBW6ePtsKRIdL0zQ3LIJTTmmEwkDwUtC7BJxH29H4OxrgzV6Dq4S41VyKn827Chk4yOsdq0NfWdl6HMyF7DAb7T7DG5zwR2wHAKQfYwVg1O8u5_909USimAzA03hpbJ9Lu7s1nd5Ky6EipbcTPKB2Kyi2YnO5sOsNsd1lEGUMoaIojXfs4PSxw4IX-yPMLmnaDR4p63ltUN23wn-bxlVJkZ6E3BvaGfLfkr81EoNSo_TTCV4l3jccNG_I-rHrvHNeeafwt3zB60EcRbUBfpJ3X2Jxv10EY9d2ia99VK6Dm3xauCTIJUzH2LIMzH3TXAMIyhcS85Zu-JIsTaustI33eAbfm-O-zgGs-pSTcbKMrHpMftZ_aEjMACapvQ6dlU2hx4PrL7dHDM1x3hpLBbOUlI5RCUPEM8ynRvoZ-wvuuc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnx28V4wxYpvhK8bm3wOAmq6ABOSP0rFcp5LhiIgBwI23ARABIABguwaCARdjYS1wdWItODQzMTgxMzEyMTgxMjQ5MaABvdSI6wPIAQmpAvTgHb7o5bU-qAMBqgTfAU_Q1Aup6Rt2m-SZJh-908l9L-7R_vTTecGPpH9OsD6Zcq77sIALntyES6hVVMpqd4bU-tY_3jrIEbAdSBRYbx1oOGrl9TTm4LhKxdAtFZH4dpH7r56ikRB7Gvu1vySBiYKbq7zAap9qr5NNL8_3I2RE-UMhzSt64dOcuG2OI1aouiKcTg7p8dTcWr24SyMSX5m2m7R4ZKKCFptyZYAj0cmZVAspQsGbh4kLDoqXzRGy22W8PDW40xPxg6EgXxzZiaHP7fB_S6HmnVVwiNXLxNtMVjucUYy588YssXBYf9eABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2M8GCCgh1DhtUzUGI3ChhqxBprGQ%26client%3Dca-pub-8431813121812491%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3d7013703a0d1e069cbd5719dc87cee1d7a492b7d80dd55b62ac7af6214afb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Yc1yI36350ULFA0A-sy2xIB9rpdXMc9e8lvOofyw2J5Tg8tNfreTn4YyeugaPrxwBCD4Z4d4KLlGlZ94UeD9ZQ5ZGmnZFOaUuqTZ1PBPEkVKNbNFw6MRK-BR5WSj4qQvAEI_MNXVv4pKjwjSPSuA4cqeSKVkL3hLPta27An43iixkl2mO1e2v6qaI0NYamujD9op3FzsG6WZfE-zVyQgdIS8jmCyord1YVhH57R2tweX64XAHwODRfMe5e51oEMO1bxvcg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 60237139
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13191548244560112659/ Frame 54E0 12 KB
12 KB 62ms
61ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13191548244560112659/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48a78be1a28857cbeb884e9e087691bd6663b12cd11948206fb15966d00ef9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:06:57 GMT
x-content-type-options: nosniff
age: 50343
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12313
x-xss-protection: 0
last-modified: Tue, 18 May 2021 16:22:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 17:06:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 54E0 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6xgoV4wxYtzSK5ShrATewrGQDdCco5hohfy_xLkPv-EeEAEg-eO_GWC7BqABybHQvwLIAQmpAvTgHb7o5bU-qAMByAPLBKoE7AFP0OTNXhvxkD3B55HJ6uBypDWMkHaRcvkmTzmyofnaFDGHSYZTHkbKnLlNbDMCj36xp8nYH9m_5MemKyvnLF0nwbmaaopl4bFbxguT8XqhJBoV7yNz7rbJPqmppXE6qVVOPZ36Nmo-qbaBHar7h7GuZzM2l0PjvGVbw8N_DYEYnQNRMRbA-0u5MphU-hiiJYJHxvtsYvNSSCFbuR7OAr_0DPJbeSEUhsfxvyHER0WRIyyqypHLdhrzRfhoZhQ_LLKzN7hJqJ9C7YF7aDFH1riVQyrqZbBOhM3j66JZSbbTKSdoqhXsLRh7ERLOWMAEn6vcjv4CiAX6x8iMJ6AGLtgGAoAH-pTpZagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEKJPoAiKFrAIAtIICQiA4YAQEAEYH4AKAcgLAdgTA4IUDhoMbGVnYXMuY29tLnVh0BUBmBYBgBcBshccChoIABIUcHViLTg0MzE4MTMxMjE4MTI0OTEYAA&sigh=PKgIn73vdkw&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 07:06:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012202142035000/ 23 KB
8 KB 113ms
37ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d96fa7919e772a67a18b9db39a8951a18bb445b91f54f46db04c072f4f9c679

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 129259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7987
x-xss-protection: 0
server: sffe
date: Mon, 14 Mar 2022 19:11:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f4e99a836b12b77d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Mar 2023 19:11:41 GMT

GET
DATA 200
OK truncated
/ Frame 9BF4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12d09794125db55a5ea52a480bbcb524261818f545de59426106594a983123f9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 54E0 0
20 B 70ms
70ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/daef75a5e808c3b530434f7f22bcc99d.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:06:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 54E0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a33b79aad7e14e5687914a1caeab484ca2aa5b574424aac84ec5a9606ac72e17

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D2D9 2 KB
1 KB 102ms
33ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGMVwAK6EcHg4GIAA2GZyrIw0mf-1YrxaLoxg&u=%7CeNmdseWml8HGtg8BeCGI3v5SgH%2Bmi7QkrOcpVrKseoE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrkioGQbjiX2UGuAuv14bEENvt7UL12F9G63fZnGxmyehet7rsSafFPjqPOGxiH_QGjycOizojiWsErpMD7UbKUOWJeZw5zUoGuIUawCvZaubaQ5uMIcaV0oiCks-v4jncq2ucO8tUTv8WSvZ7A86j0-ZoYhgDY4JnNJ7pwXseCekBrL8TA5hiy3oKd734Fvf_xvJjZaY0CF1V-BuqvTMqNY11SuKviXtbk4Ns0VOQQAp6S-YBQtg2vPvTdo2Nb-joxFOvYiJjySkaP_mpb6lJ3nMV_ALwQnkIQqV-58oazioXsJhxa6joOvObnx33CHFCbKSi4miZX4s0xxdfDTXUYwrjU7oyG_y-xH2ob-2bK0ig6rDCnWqzAMJhym7gbShkHWYoPbqOTC_Ly9iKQ_Qv983qJANOhHRj7Ghff3i5Jgr3ZqoglWCJoGMvaQ8LvqSS&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDliWV4wxYsfQK4iDjuwP54y2yALkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTg0MzE4MTMxMjE4MTI0OTGgAb3UiOsDyAEJqQL04B2-6OW1PqgDAaoE5QFP0LwWxDY55279YzSYNmha0IbXOYqMp7E2_5-Vj_hdkENVgyJg26PhXy_HFnEL2cNJR5Obkr2djtpgh_TEN4UUBfzPh9nI6onxOVK4e69dX70Ky3NH2WOrruDtHQgEs2iKOYl7_Lz4F4lWM-hTlBfTG2NobGs6ZKIGNjY4MkTcxbng9byHzWwr5u1OHijYbl_Xc-deC9FZEbDWAc0aRu4-WPN6VFTEi9-U3mwBpz3H01yHyrhH0dEIUCpUXPpw23TnLCwjs9-sTS_pAGj4jzd7Ue0wJwb_gHcNC-AV-igcEXPMJb1pgAbd7-nv4NKGn6YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3B_Igpc9lycRpcLYvxlceupl0liA%26client%3Dca-pub-8431813121812491%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame D2D9 2 KB
1 KB 131ms
62ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D2D9 308 B
636 B 68ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame D2D9 507 B
835 B 98ms
63ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame D2D9 43 B
347 B 115ms
36ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=F7GGHkrl41nAeVL-oSIUMV08cSzymSx-Nlsi-g37O-sL6zTU4Tj5eIwnI-AFJaaXKaTrXlWduanluFh8QwtptTzjnKS5eP75Frwv9hmLVPBtJcP9rgR8YWxfDPMkK8r2Bg5ZLUBOG8hnLeX7hlnoj--3NzaZE2KD-O4adJIAGhe-yhJq2uW0nGVlOclPF3CuYTkOr-W2aJuCqUAyNwC2SuZNDaLA9gtn1W6W8n6UkM5nxI0sq_VME5rj-0rPnFMcIcLlymUptBFtj7sI1FzU_dy_h94K3OTnq4fSnwD2P4wQ8J3543PWSjxK0GZs_-X1gF6yseIIx8NLfKPqIoozJmsVfDDnpl_dyPWqBXys2G0wqVq1LWZ7caMbdSnH-4GeZJ9e9kbbAS3nfd8VYiSiL6-g01hBLOB4gjgXvC7ZVSllcc-7nqCUbEEgU3oZxcFF7AH-4g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:05:59 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2723654
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 BVNNQMNlWUP.css
static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/ Frame 006C 42 KB
10 KB 121ms
40ms Stylesheet
text/css 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/BVNNQMNlWUP.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df69dba3ccb4788%26domain%3Dlegas.com.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flegas.com.ua%252Ff1b3003cba51c24%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Flegas.com.ua%2F&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&width=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

34ea2a0556532b824c974e58ce4364c3282e88091b15a13133d986897f6ad35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NGTlXkJjfLZ0wutibj+hIQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10057
x-fb-rlafr: 0
x-fb-debug: WQgVYoSjhsBcPiI/nqrWzOl0WDC9dOt13JLaf0ldSFUEp6gjebVW8Jky9YRHOhKiMuDMlNY6bYxYiMnYINFeYg==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 15 Mar 2023 15:27:38 GMT

GET
H3 200 Xhw_M0l6ptRjT5fviZdmut9BPjYAyU223Oe_EyJMDPw.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A65 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Xhw_M0l6ptRjT5fviZdmut9BPjYAyU223Oe_EyJMDPw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e1c3f33497aa6d4634f97ef899766badf413e3600c94db6dce7bf13224c0cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 05:36:58 GMT

GET
DATA 200
OK truncated
/ Frame FE0F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35ee23e290afe8d7f3ad4cdb9cb414b22b7b057878aa60453a8a0dec36ccbf4e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 17C6 2 KB
1 KB 88ms
64ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGMVwAK8JsKd_NGAAuNACOpqRHYBUVxncYfYQ&u=%7CeNmdseWml8HfK0RIV%2BrDxW4qdbnnhZGz11UhD6UVSRs%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrkioGQbjiX2UtJ4DSk2Y8qTBW6ePtsKRIdL0zQ3LIJTTmmEwkDwUtC7BJxH29H4OxrgzV6Dq4S41VyKn827Chk4yOsdq0NfWdl6HMyF7DAb7T7DG5zwR2wHAKQfYwVg1O8u5_909USimAzA03hpbJ9Lu7s1nd5Ky6EipbcTPKB2Kyi2YnO5sOsNsd1lEGUMoaIojXfs4PSxw4IX-yPMLmnaDR4p63ltUN23wn-bxlVJkZ6E3BvaGfLfkr81EoNSo_TTCV4l3jccNG_I-rHrvHNeeafwt3zB60EcRbUBfpJ3X2Jxv10EY9d2ia99VK6Dm3xauCTIJUzH2LIMzH3TXAMIyhcS85Zu-JIsTaustI33eAbfm-O-zgGs-pSTcbKMrHpMftZ_aEjMACapvQ6dlU2hx4PrL7dHDM1x3hpLBbOUlI5RCUPEM8ynRvoZ-wvuuc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnx28V4wxYpvhK8bm3wOAmq6ABOSP0rFcp5LhiIgBwI23ARABIABguwaCARdjYS1wdWItODQzMTgxMzEyMTgxMjQ5MaABvdSI6wPIAQmpAvTgHb7o5bU-qAMBqgTfAU_Q1Aup6Rt2m-SZJh-908l9L-7R_vTTecGPpH9OsD6Zcq77sIALntyES6hVVMpqd4bU-tY_3jrIEbAdSBRYbx1oOGrl9TTm4LhKxdAtFZH4dpH7r56ikRB7Gvu1vySBiYKbq7zAap9qr5NNL8_3I2RE-UMhzSt64dOcuG2OI1aouiKcTg7p8dTcWr24SyMSX5m2m7R4ZKKCFptyZYAj0cmZVAspQsGbh4kLDoqXzRGy22W8PDW40xPxg6EgXxzZiaHP7fB_S6HmnVVwiNXLxNtMVjucUYy588YssXBYf9eABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2M8GCCgh1DhtUzUGI3ChhqxBprGQ%26client%3Dca-pub-8431813121812491%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 17C6 2 KB
1 KB 57ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 17C6 308 B
636 B 50ms
50ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 17C6 507 B
835 B 52ms
52ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 17C6 43 B
347 B 64ms
36ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=N-wuL9CuXqhsCf_PmPCOU4zk2_pga7Vl8PnB1LQnu7loScUkVeAH1oQLOtrSW-5dYA7CAohEy4JgvFuoHvfQ_Pi9iy6_PwaLNdffjOmBEu9l1d-WTAdxUr-t0CX9OIuwYYTMPktOL3DwvTmVnVt_4EoAbfWxdTJm7MVXwXdbYTTJjzzEt_8AncmRDHUxfSl5WW2YlLP85eq-8CXJ2A4cPbJ-7yGbLh7VLvwRoLu983K9Ca-IL3067GxzG5db7WA1OgObZerf832nmtqGS6X461dalLfvATI4ASHE7puxGOvV6JvvnNeN3LB3_lDA-mbijG_Ne1zhkUEVTiFBnTaj_aeabzU421Qaem0aeDLsKosLQtFobq6XoATTD4jZCThIan0Jm7U_3-b5LYLMyti-9ra9b5ZHvKxtQwB01T-haYlWBVIp-WUzSU_w2uz04Shng8TvHA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:06:00 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2885099
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D2D9 12 KB
5 KB 118ms
60ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 122106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7%2BXPnPeQv3yYGUsaK3xnahp5dlHIML1RQTc1Xv8GeZwrWeXPZ80BjSOphVaLCCEITl0Q5HkxA4Dad7IZxXMZ1AmgqpeEIZrJAhq5paHBMeF%2BdbrrhM297qudbDwByAhDw6D9v2nTD%2BL%2FiMD3T%2B73Mn4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ecba4c8ef7972ba-LHR
expires: Mon, 06 Mar 2023 07:06:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D2D9 12 KB
6 KB 51ms
33ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame D2D9 27 KB
28 KB 105ms
39ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 16:51:34 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e175a16-6d58"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D2D9 4 KB
5 KB 105ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=270&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=316&s=YoBBokbd7OfTFDI6L-6gmSNf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

52d45c7807b1fc093f3ca3cdee7bbc0151a12dee598216b392c9c4f25b39af82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:59 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29738292
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4544
expires: Thu, 23 Feb 2023 11:44:12 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D2D9 0
127 B 111ms
33ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=PfHo2n6350ULFA0Abe70LZL4estzN17Fic2Po9XEUK2qMY3co1yTNjF6XAJxqXIHnhXnqgiGD7ONYHUSzE_vCSuTu8jUbIw4Eu04yzuaObzlL58XBwxuNPK11XkPpqllm6M4fFC6CsonLnq5srfD4ZFIZ92_NJlGV6mD9_w_TmO4F5zUGKxes5NjXx1aMOO8mwQPVsNOswfBmmyQVQuWq1e9c4-_6C_znZ6RFazJz4Ip5lSlPi0ND-YVp5OJo6Xa_4GNJQ&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 07:05:59 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D2D9 2 KB
1 KB 61ms
60ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D2D9 2 KB
1 KB 61ms
61ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 54E0 0
20 B 70ms
70ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgolCAEqIWJhbm5lclNtYWxsVGV4dEN0YUdUNTBXaXRob3V0Qm9keQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QECEAAAAAwEneQDAECg0QESEAAAAAAC3RQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAAAyM2eFQDAECg0QFCEAAAAAgMfeQDAECg0QFSEAAAAAAAAoQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAACYmaGGQDAECg0QMiEAAAAAMDPTPzAECg0QMyEAAAAAAADwPzAECg0QNCEAAAAAAADwPzAECg0QNSEAAAAAAADwPzAECg0QNiEAAABgZuZGQDAECg0QNyEAAAAAmJnxPzAECg0QOCEAAADAzAxHQDAECg0QOSEAAABkZk54QDAECg0QOiEAAABkZjZ5QDAECg0QOyEAAACYmWGFQDAECg0QPCEAAACYmWGFQDAECg0QPSEAAAAyM2eFQDAECg0QPiEAAADMzGiGQDAECg0QPyEAAADMzGiGQDAECg0QQCEAAAAyM6-GQDAEEhpDSnphMWQySXl2WUNGWlFRaXdvZFhtRU0wZyIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/daef75a5e808c3b530434f7f22bcc99d.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:06:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 17C6 12 KB
5 KB 47ms
47ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 122106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olWRg4C6Bj9jxfymJcjBcaF1pI%2BuHEQK0%2BhH5DFhagre0ZyiaXgCLwJRiyOb7zQ6%2BUpyXVJhrM9Oc60a8iwpS3248GcSr4uvPYx2QdQFMOrqcftchy1wQkRu%2FXo%2FTpQl1f68QrcLmEeKfPFj3hysOHsA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ecba4c90f9172ba-LHR
expires: Mon, 06 Mar 2023 07:06:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 17C6 12 KB
6 KB 38ms
38ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame 17C6 27 KB
28 KB 68ms
68ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 16:51:34 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e175a16-6d58"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 17C6 5 KB
5 KB 38ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=132&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=596&s=CMQp3LpGGbX4bU6gTpxDQkoH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

59a11db7529038e78f819a786f83ab87da2d4d2a3882af6a4cd38b15d68f5781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29738292
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5284
expires: Thu, 23 Feb 2023 11:44:12 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 17C6 0
127 B 44ms
32ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Yc1yI36350ULFA0A-sy2xIB9rpdXMc9e8lvOofyw2J5Tg8tNfreTn4YyeugaPrxwBCD4Z4d4KLlGlZ94UeD9ZQ5ZGmnZFOaUuqTZ1PBPEkVKNbNFw6MRK-BR5WSj4qQvAEI_MNXVv4pKjwjSPSuA4cqeSKVkL3hLPta27An43iixkl2mO1e2v6qaI0NYamujD9op3FzsG6WZfE-zVyQgdIS8jmCyord1YVhH57R2tweX64XAHwODRfMe5e51oEMO1bxvcg&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 07:05:59 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 17C6 2 KB
1 KB 32ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 17C6 2 KB
1 KB 33ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:00 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:06:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 93ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=legas.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 92ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=legas.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 54CF 183 KB
51 KB 525ms
524ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&adk=1812271804&adf=3025194257&lmt=1647414361&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&plas=183x1080_l%7C183x1080_r&format=0x0&url=https%3A%2F%2Flegas.com.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414361136&bpp=2&bdt=2458&idt=2&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D768ad6fbed47e94f-225fe8d05dcd006f%3AT%3D1647414359%3ART%3D1647414359%3AS%3DALNI_MajBNGShooe-i1qiOe-C4CY5YxWrw&prev_fmts=300x250&prev_slotnames=2642460384%2C2642460384%2C3398747635&nras=1&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&psts=AGkb-H_mXAHakbl2asUAKTNFOzzph5XC5qoRwMcGF55ndnSww762XAvvFnnESHYys0xEzGwrnbzyT6B4dqwx%2CAGkb-H-qTjbkzmSetaZFaPk91oTropPxkPvgwGJZc4UySyxBf2gvz-C8_0xztVgQTC-jwUEHn6TrCZyRbUtmeec%2CAGkb-H8gCp6vcCdgx4chRCQ-X7dBny7m0rF3Z75bUG10oib54f0lvgASM3kEAGyx4J5bYI-5n_VXRDLj_mA%2CAGkb-H8lkAy9gINNie0FWQIJitVEP9h7B2DIag12X_2f8kv_fhEAHJhHbjMn2TXEb7v9rMIPDCpT-c5wY3CFT9A&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

851b7c872770109c9349faa26db165de46cc01437e2dee0d21c5f8822e2f2014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 07:06:01 GMT
server: cafe
content-length: 51723
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 97ms
51ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220314&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80fbd099957ce1e7ec4a491b69246c585b6432fd7d9a6c6cf9cd8992934ba37e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 65ms
32ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-9703351-1&cid=243640378.1647414359&jid=1325683681&gjid=1226385990&_gid=846866780.1647414359&_u=aGDAgEABAAAAAG~&z=487865654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://legas.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 16 Mar 2022 07:06:01 GMT
content-type: text/plain
access-control-allow-origin: https://legas.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
30ms Script
text/javascript 2a00:1450:400e:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2VDHS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3021
date: Wed, 16 Mar 2022 06:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 16 Mar 2022 08:15:40 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 35ms
35ms XHR
text/plain 2a00:1450:400e:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1097959931&t=timing&_s=1&dl=https%3A%2F%2Flegas.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Page%20Load%20Time&utv=Full%20Page%20Load&utl=3-4%20seconds&utt=3706&_u=aGDAAEABAAAAAG~&jid=926408085&gjid=1373035276&cid=243640378.1647414359&tid=UA-9703351-1&_gid=846866780.1647414359&_r=1&gtm=2wg3e0N2VDHS&z=1382996694

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://legas.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:06:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://legas.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
31ms Image
image/gif 2a00:1450:400e:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1097959931&t=event&ni=1&_s=1&dl=https%3A%2F%2Flegas.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Load%20Time&ea=3-4%20seconds&el=%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%3A%3A%20https%3A%2F%2Flegas.com.ua%2F&ev=3706&_u=aGDAgEABAAAAAC~&jid=1325683681&gjid=1226385990&cid=243640378.1647414359&tid=UA-9703351-1&_gid=846866780.1647414359&gtm=2wg3e0N2VDHS&z=1713618483

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 20:49:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
31ms Image
image/gif 2a00:1450:400e:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1097959931&t=timing&_s=1&dl=https%3A%2F%2Flegas.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Page%20Load%20Time&utv=DNS%20Lookup&utl=%3C%200.1%20second&utt=0&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=243640378.1647414359&tid=UA-9703351-1&_gid=846866780.1647414359&gtm=2wg3e0N2VDHS&z=2003090901

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 20:49:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 32ms
31ms Image
image/gif 2a00:1450:400e:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1097959931&t=timing&_s=1&dl=https%3A%2F%2Flegas.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Page%20Load%20Time&utv=TTFB&utl=0.5-1%20second&utt=904&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=243640378.1647414359&tid=UA-9703351-1&_gid=846866780.1647414359&gtm=2wg3e0N2VDHS&z=2116238554

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 20:49:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 32ms
31ms Image
image/gif 2a00:1450:400e:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1097959931&t=timing&_s=1&dl=https%3A%2F%2Flegas.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Page%20Load%20Time&utv=HTML%20Download&utl=0.2-0.5%20second&utt=291&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=243640378.1647414359&tid=UA-9703351-1&_gid=846866780.1647414359&gtm=2wg3e0N2VDHS&z=2052970360

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 20:49:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 32ms
31ms Image
image/gif 2a00:1450:400e:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1097959931&t=timing&_s=1&dl=https%3A%2F%2Flegas.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Page%20Load%20Time&utv=Parsing&utl=1-2%20seconds&utt=1397&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=243640378.1647414359&tid=UA-9703351-1&_gid=846866780.1647414359&gtm=2wg3e0N2VDHS&z=468422887

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 20:49:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 33ms
32ms Image
image/gif 2a00:1450:400e:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1097959931&t=timing&_s=1&dl=https%3A%2F%2Flegas.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Page%20Load%20Time&utv=Rendering&utl=2-3%20seconds&utt=2170&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=243640378.1647414359&tid=UA-9703351-1&_gid=846866780.1647414359&gtm=2wg3e0N2VDHS&z=2127857225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 20:49:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 33ms
32ms Image
image/gif 2a00:1450:400e:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1097959931&t=timing&_s=1&dl=https%3A%2F%2Flegas.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Page%20Load%20Time&utv=DOM%20Loaded%20and%20Parsed&utl=2-3%20seconds&utt=2677&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=243640378.1647414359&tid=UA-9703351-1&_gid=846866780.1647414359&gtm=2wg3e0N2VDHS&z=248720309

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 20:49:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 31ms
31ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-9703351-1&cid=243640378.1647414359&jid=926408085&gjid=1373035276&_gid=846866780.1647414359&_u=aGDAAEABAAAAAG~&z=705831307

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://legas.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 16 Mar 2022 07:06:01 GMT
content-type: text/plain
access-control-allow-origin: https://legas.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:06:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 65BC 13 KB
5 KB 36ms
36ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 07:00:30 GMT
expires: Thu, 16 Mar 2023 07:00:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F12A 783 B
1 KB 127ms
46ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0f69253b857e4678f159fd8eafeeb94eb353ec59bcc87cedfbd1ced0a9f80ff2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ym+SbUHwGRVVgJx+E2/Iyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 16 Mar 2022 07:06:01 GMT
date: Wed, 16 Mar 2022 07:06:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Ym+SbUHwGRVVgJx+E2/Iyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Xhw_M0l6ptRjT5fviZdmut9BPjYAyU223Oe_EyJMDPw.js Show response
pagead2.googlesyndication.com/bg/ Frame 65BC 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Xhw_M0l6ptRjT5fviZdmut9BPjYAyU223Oe_EyJMDPw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e1c3f33497aa6d4634f97ef899766badf413e3600c94db6dce7bf13224c0cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 05:36:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 54E0 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCIVMV4wxYtzSK5ShrATewrGQDdCco5hohfy_xLkPv-EeEAEg-eO_GWC7BqABybHQvwLIAQmpAvTgHb7o5bU-qAMBqgTsAU_Q5M1eG_GQPcHnkcnq4HKkNYyQdpFy-SZPObKh-doUMYdJhlMeRsqcuU1sMwKPfrGnydgf2b_kx6YrK-csXSfBuZpqimXhsVvGC5PxeqEkGhXvI3Putsk-qamlcTqpVU49nfo2aj6ptoEdqvuHsa5nMzaXQ-O8ZVvDw38NgRidA1ExFsD7S7kymFT6GKIlgkfG-2xi81JIIVu5Hs4Cv_QM8lt5IRSGx_G_IcRHRZEjLKrKkct2GvNF-GhmFD8ssrM3uEmon0LtgXtoMUfWuJVDKuplsE6EzeProllJttMpJ2iqFewtGHsREs5YwASfq9yO_gKIBfrHyIwnoAYu2AYCgAf6lOllqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQok-gCIoWsAgC0ggJCIDhgBAQARgfgAoByAsB2BMDghQOGgxsZWdhcy5jb20udWHQFQGYFgGAFwGyFxwKGggAEhRwdWItODQzMTgxMzEyMTgxMjQ5MRgA&sigh=jExIb2z_5gw&vt=1&template_id=484&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1486316043&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359404&bpp=15&bdt=727&idt=213&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&correlator=1775028939757&frm=20&pv=2&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=412&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=EKU8Uos6eF&p=https%3A//legas.com.ua&dtd=230
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 07:06:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 54E0 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTOKyIWUuyfvBCfBSTEZh9P1WAbL9O1jpDjOoT7oZSXlVVVZLYXv5prsUortvTi_c_q2dkIDkAxvaQA9yKmDJpjgTBE_rPnwioUL9-TRr2jk_Um15QOQ&sai=AMfl-YQEoFIbuS6hp98ZkvgorUFZN_olfNFCdcRlbNRshGwHaocomD7tXd0MCRJPVWFMfPJrW0gc_9KnTfY-&sig=Cg0ArKJSzHUIwcn-wAtBEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=903195660&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&pay=1&rst=1647414359635&rpt=724&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:06:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FE0F 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJa3VLmj1YH810t6TxweF2Bske6LRd0MWAgsOH0zwjW8x9w3OUWql3HVijEbbohW7pTQpDmCauztEGoxBpv95o2g&sig=Cg0ArKJSzEJxFLFr7ryZEAE&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4210853449&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647414359671&rpt=665&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:06:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F12A 0
0 90ms
89ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220314&jk=4092024121847780&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 65BC 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zh7w5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 27E4 0
17 B 49ms
49ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkUrrV4wxYqvYK7aNjuwPtJGXgAPQnKOYaObG14OqDr_hHhABIPnjvxlguwagAcmx0L8CyAEJqQIcjPoUpOa1PqgDAaoE-AFP0Nc5Xich859M-ioaeXW8aFEzQzibANYlsV7LgiLqu9zOx35Vi2aFBBd3SGxM1gFoigyyT5AFInXNbngMvaMrJV6jEjKd2KbRoQoDd5usXkdsTGC4mZ8AGpl1fyuBwJcXRGvH3patmhjy5fBK4SxpgAHjKW765S_LfsUEWsE5Bv_MZDU7XoluQlv8d28GdYYRo2MEOv8iuPtC0puvg901D1hOglVrk8j7c3Bu6gNqB0CDhz1GvvOTMQ0b-eq0dHROLuAjv9N1I0jxvWVRpaEmn_XbFuRXAzKKqjoDR16X2r_MwJ3ibea1DJciEGNb7DPB3xUu4dS85sAEn6vcjv4CiAX6x8iMJ6AGLtgGAoAH-pTpZagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEKVBoAiKFrAIAtIICQiA4YAQEAEYH4AKAcgLAdgTA4IUDhoMbGVnYXMuY29tLnVh0BUBmBYBgBcBshccChoIABIUcHViLTg0MzE4MTMxMjE4MTI0OTEYAA&sigh=iYW24K_5t9o&vt=1&template_id=419&uach_m=[]

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8431813121812491&output=html&h=60&slotname=2642460384&adk=903195660&adf=1365725250&pi=t.ma~as.2642460384&w=468&lmt=1647414359&url=https%3A%2F%2Flegas.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647414359422&bpp=6&bdt=744&idt=235&shv=r20220314&mjsv=m202203030101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2642460384&correlator=1775028939757&frm=20&pv=1&ga_vid=243640378.1647414359&ga_sid=1647414360&ga_hid=1097959931&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=537&ady=1048&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531397%2C44750774%2C31065370%2C31065470%2C44760495%2C31060047%2C31065516%2C31064019&oid=2&pvsid=4092024121847780&pem=66&tmod=1041396481&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WVBJnTuZfg&p=https%3A//legas.com.ua&dtd=238
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 07:06:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 27E4 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssONQdC0LfiHFYlwpMvEgAd9zXaqcQdjZu0JHwF7cbnAS5BNaeunCq8pityOZDnwuXRN-nAKBRMtdVaBLiIlqrFduW4OTetiktotPzVviiRL9vByjdGHA&sai=AMfl-YRWUmK0Pg2sy-efvSZ70y6P9iBuAUInAG4ff4cvQjhtSuWzuiwtrcb0b_F2Xj6Xps4ajB0rDRA7S-PA&sig=Cg0ArKJSzMzG5px-XmMEEAE&id=ampim&o=537,1048&d=468,60&ss=1600,1200&bs=1600,1200&mcvt=1005&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&tfs=833&tls=1838&g=100&h=100&tt=1838&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=903195660

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:06:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 17C6 0
127 B 33ms
33ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 07:06:01 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 151 KB
54 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8f0f7d08f176891c3fa9a473a8b0368c697f80b3198bdbbcb5f4756039e62b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55008
x-xss-protection: 0
server: cafe
etag: 4397586510556706524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 07:06:01 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=legas.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=legas.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/ Frame D46B 10 KB
4 KB 37ms
36ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 16 Mar 2022 01:47:06 GMT
expires: Wed, 30 Mar 2022 01:47:06 GMT
cache-control: public, max-age=1209600
age: 19135
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame D46B 5 KB
691 B 93ms
48ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c228e4c33b411f01f3b7a571d44342106847fea18082e174333341503e4f0f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:38:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 07:06:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 07:06:01 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D46B 205 B
229 B 36ms
35ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 21:50:23 GMT
x-content-type-options: nosniff
age: 33338
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Mar 2023 21:50:23 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D46B 604 B
628 B 36ms
36ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 20:23:17 GMT
x-content-type-options: nosniff
age: 38564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Mar 2023 20:23:17 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/elements/html/ Frame D46B 19 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bda98b3494dbac9c731cd4d78488076699140bc89d6a2dedae7178794c558e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8376
x-xss-protection: 0
server: cafe
etag: 6168205652129269979
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:05:56 GMT

GET
H3 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2CAB 84 KB
29 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 18:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47090
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 16 Mar 2022 18:01:11 GMT

GET
H2 200 9083571395008933679_6874622713347893994.jpeg
static.doubleclick.net/dynamic/5/80987794/ Frame 2CAB 17 KB
17 KB 136ms
38ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/80987794/9083571395008933679_6874622713347893994.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcabfb7f70eddae9290454b7879ac7fe75d61700e5ce5450fb775478eb0d528f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 00:17:57 GMT
x-content-type-options: nosniff
age: 197285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17049
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 21:19:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 00:17:57 GMT

GET
H2 200 16877628851297784464_4520825768584442562.jpeg
static.doubleclick.net/dynamic/5/80987794/ Frame 2CAB 23 KB
23 KB 366ms
268ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/80987794/16877628851297784464_4520825768584442562.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fa5ed24c087e0e897f8456d823b676b958c15aa01bab12d948d4905724e7cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:02 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23758
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 14:13:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 07:06:02 GMT

GET
H2 200 13892248672066007276_7861142782611158913.jpeg
static.doubleclick.net/dynamic/5/80987794/ Frame 2CAB 21 KB
22 KB 147ms
49ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/80987794/13892248672066007276_7861142782611158913.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd7e869e5439edbec11fcb7d7502aacc253c28faed28471d2d67643e10319e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:05:54 GMT
x-content-type-options: nosniff
age: 72008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21898
x-xss-protection: 0
last-modified: Fri, 04 Feb 2022 02:17:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 11:05:54 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 2CAB 19 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:47:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220314&jk=4092024121847780&bg=!DQ6lDkrNAAZgliNcYJY7ACkAdvg8WtyPPTdEUPkcZcqxzVDWnYz_2KZ_AOFFndm-Uk_A72IIZRuvigIAAABeUgAAAANoAQcKAJOizvDkiFPQbVziHrssg6BxLT_UX_bw3I1IU4DeZ01N0s-9LeIA8c6xf5tFBInmVtGqcsH-6_a5sIGIOvSM6Dv89GbjwGfPIARc8jTXpUsiTRrdr4MKtmn91-YopXEzXNGAPmwDbpBvXRonmck9cqCZYooVY1DUJB_KKO9hpFxj_iF46vkZ0Rt2JKEY_l1LZWEUdriZAqddKS864qUvfIv4r9Es90e8y7qDXJX2bwI9QDYtHMCW9NbXfG_CyayUgaQHjrR24-fIIiX7z5tleLZzta5SE6hxXLx_jajfiW--_2karpKyX1CFfGG2MsatrwPZ1oQBgOMMqLZduglYMKHiO8SGfMUJuqSlhhwV45Rj2rrweWBSSI9XWuoNv5cRN--9i0wIo4pJ3HO-TlQdPXkqPxBF3daxDcFebU_qPZWhQW-EwhB0SfvNrRH-sjt0AAjRMlYgmtJKC24Le8E02X14m9Fc_aHrMcnNdvComLj966VMmXoL2k84cBO1x3xsrrtJa8CdfrwJhCvbj0f_T4iUYkAqq0SfQyB2ALNmkQoeTTWb9XTxhOz3MmzPOEu_FYiK_12koLzp07DpDs6hmcg7deANR0tdltUR7QSSMQf-zjhsnOzeV4dxI0GBLeRlhRP_3cpMnDnG9ATdM418e-YoyjYRnDdBfpqjnXNe2XeNUGDztMx6K_EhXFgmtnV2cq-XktN7BjCPFxL7fjTE_oG0fbCFwJzgQnWfh3GDpFGXzozgYLLnmKauXsngtMivHt7ohgh4jFwaPivb2poGROu-PpdvQ1z19TTa_kysMgNWZ8qqrYIq6MOc6d_44H9NK7EVWBorK4hqL_-9mNz1y5uOIIfEjvSsNZhts_oroLiOt5nI6Oio_M4WTWKXYSSdQuo1fWBxSI4vrTEQ6fShEH6Cgbsm_BcxP3ItKvXq0BtMeTvoNM8ZtJMAeOLbAZ_CQpO6RDOFwXYO07rWkio2Qh-oCTWyzidNu1GKAJckLlO2FwkZazJ4DC0tvT0Z_ZD3dae3zdLTdlTRdJTKnQy_lYDpY972c8ZGxMnce6njhiOPdiyNgoll4KkBnWHezaMko7qxK1RdmhVe7NHy1-Um

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://legas.com.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E0E 143 B
163 B 38ms
37ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 16 Mar 2022 06:06:49 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 2CAB 2 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 06:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 06:12:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CAB 117 KB
36 KB 95ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:06:02 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E0E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

177ms
176ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 16 Mar 2022 07:06:02 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:06:02 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 16 Mar 2022 07:06:02 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 2CAB 15 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:01:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2CAB 0
0 45ms
45ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzrH5F9AiH6tXLu1cYvGZlS-V-APtk-9EmSxBwkMJlbRuF5oWMAgm4JaK9Hhv5mrbJnEBOkmYc3ainIUAMg4Wt4uqahA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 200 Xhw_M0l6ptRjT5fviZdmut9BPjYAyU223Oe_EyJMDPw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6597 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Xhw_M0l6ptRjT5fviZdmut9BPjYAyU223Oe_EyJMDPw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e1c3f33497aa6d4634f97ef899766badf413e3600c94db6dce7bf13224c0cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 05:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 05:36:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: a1.admaster.net
URL: http://a1.admaster.net/a/10507/155?pos=0.21014439689757602

Domain: c.bigmir.net
URL: http://c.bigmir.net/?o1&v16854857&s16853252&t0&c1&n8886&w0&y0&d24&r1600

Domain: g.novostimira.biz
URL: http://g.novostimira.biz/l/1322?v=2745690

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
legas.com.ua/	1969-12-31 23:59:59	Name: b Value: b
legas.com.ua/	1969-12-31 23:59:59	Name: iua Value: 1
.legas.com.ua/	1970-01-20 19:08:06	Name: _ga Value: GA1.3.243640378.1647414359
.legas.com.ua/	1970-01-20 01:38:20	Name: _gid Value: GA1.3.846866780.1647414359
.legas.com.ua/	1970-01-20 01:36:54	Name: _gat Value: 1
.yandex.ru/	1970-01-20 19:08:06	Name: i Value: L/vJs40yl7VTp67WGEJwNNFnEcYbFvDr3+U6ty30jnkeLtKdTtfGUla+Ig7o7hee788WLtoi6JmJ6NnIV1Qla/FaHas=
.legas.com.ua/	1970-01-20 10:58:30	Name: __gads Value: ID=768ad6fbed47e94f-225fe8d05dcd006f:T=1647414359:RT=1647414359:S=ALNI_MajBNGShooe-i1qiOe-C4CY5YxWrw
.doubleclick.net/	1970-01-20 10:58:30	Name: IDE Value: AHWqTUnDKWIcPN-KkTfvF7dXwjXTZJQWSM0nvVcCdMrenIi3ELJXQsVcKi2U_CGwYG8
.zenaps.com/	1970-01-20 02:20:06	Name: aw23729 Value: 922583\|0\|0\|1647414262\|at106243_a155926_m14_p76740_t61240_cDE_f14\|aw\|0
.zenaps.com/	1970-01-20 10:22:30	Name: bId Value: HLEX_62318bf6b10342.43451687
www.tesco.com/	1969-12-31 23:59:59	Name: akavpau_CC_plus_vp Value: 1647414661~id=5b1213eecf9f23c5b2dec7808803a4b4
.legas.com.ua/	1970-01-20 01:36:54	Name: _dc_gtm_UA-9703351-1 Value: 1
.legas.com.ua/	1970-01-20 01:36:54	Name: _gat_UA-9703351-1 Value: 1
.doubleclick.net/	1970-01-20 01:36:57	Name: DSID Value: NO_DATA

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://legas.com.ua/ Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure element 'http://caddy.com.ua/components/com_jshopping/files/img_products/VWTGN-1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://legas.com.ua/ Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure element 'http://www.meteoprog.ua/ua/informerget/?type=4&city[]=Kyiv&color=13659f&txtcolor=FFFF00'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://legas.com.ua/(Line 52) Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure script 'http://a1.admaster.net/a/10507/155?pos=0.21014439689757602'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://legas.com.ua/(Line 212) Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure element 'http://caddy.com.ua/components/com_jshopping/files/img_products/VWTGN-1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://legas.com.ua/(Line 283) Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure element 'http://www.meteoprog.ua/ua/informerget/?type=4&city[]=Kyiv&color=13659f&txtcolor=FFFF00'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://legas.com.ua/ Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure element 'http://040510111616.c.mystat-in.net/?i040510111616&t4&g27&w1600&c24&r&v3&j0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://legas.com.ua/(Line 382) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.bigmir.net/?o1&v16854857&s16853252&t0&c1&n8886&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://legas.com.ua/(Line 382) Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure script 'http://c.bigmir.net/?o1&v16854857&s16853252&t0&c1&n8886&w0&y0&d24&r1600'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://legas.com.ua/(Line 382) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.bigmir.net/?o1&v16854857&s16853252&t0&c1&n8886&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://legas.com.ua/ Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure element 'http://r.i.ua/s?u66180&p62&n0.6751521357156076&c1&d24&w1600&h1200&r/legas.com.ua/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.meteoprog.ua/ua/informerget/?type=4&city[]=Kyiv&color=13659f&txtcolor=FFFF00 Message: Failed to load resource: the server responded with a status of 500 ()
security	error	URL: https://legas.com.ua/(Line 1181) Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure frame 'http://banner.kiev.ua/cgi-bin/bi.cgi?h84092&1309948&1'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://legas.com.ua/(Line 1371) Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure script 'http://g.novostimira.biz/l/1322?v=2745690'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://legas.com.ua/(Line 1486) Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure element 'http://clck.yandex.ru/click/dtype=stred/pid=30/cid=1529/*http://ya.ru'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://legas.com.ua/(Line 1403) Message: Mixed Content: The page at 'https://legas.com.ua/' was loaded over HTTPS, but requested an insecure frame 'http://kurs.com.ua/informer/inf2?color=blue&rnd=1647414359436'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://info.maps.yandex.net/traffic/kiev/current_traffic_150.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://caddy.com.ua/components/com_jshopping/files/img_products/VWTGN-1.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cpa.com.ua/get_js/script.js?aid=90 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

040510111616.c.mystat-in.net
a1.admaster.net
ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
c.bigmir.net
caddy.com.ua
cat.nl.eu.criteo.com
cdn.ampproject.org
cdnjs.cloudflare.com
clck.yandex.ru
connect.facebook.net
cpa.com.ua
csm.eu.criteo.net
fonts.googleapis.com
g.novostimira.biz
googleads.g.doubleclick.net
info.maps.yandex.net
legas.com.ua
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pubmedya.net
r.i.ua
rtb.fr.eu.criteo.com
static.criteo.net
static.doubleclick.net
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
webcache.pp.ua
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.meteoprog.ua
www.tesco.com
www.zenaps.com
a1.admaster.net
c.bigmir.net
g.novostimira.biz
104.111.239.217
104.117.203.148
142.132.202.70
142.250.185.194
176.9.60.211
178.250.0.162
178.250.2.135
178.250.2.148
192.102.6.73
2606:4700:3033::6815:2c6c
2606:4700::6810:135e
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::9b
2a00:1450:400e:80d::200e
2a02:2638:1::11
2a02:2638::2
2a02:2638::3
2a02:6b8::130
2a02:6b8::14
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::7
45.94.156.135
49.12.116.255
91.198.36.16
0704a59850bcb5dc385e39444939911c69c1e351b0dfce5dcb861911fb18fdb2
07d35956fd55c041947e38467170f7aa5931dc36239b107ff4229673fd183dd8
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fef1de921ceb5aaf02cdd59f48ac20bb471a408d3f07eccde978f25cf88a42
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0ed52042801bb1b9dbdca21c8ee7b98cc639f0f7ca655d1018ad8dfcd1b10ccd
0f69253b857e4678f159fd8eafeeb94eb353ec59bcc87cedfbd1ced0a9f80ff2
121845511520714deea6789c66953a5574db3044180c58f20ee7a9589b06092e
12cb17ca2b8ce4bd3fe08ef923a93160b1cc2709c1e5efd0e9a1ee8af9d11c24
12d09794125db55a5ea52a480bbcb524261818f545de59426106594a983123f9
148ef779f4cbcf2705a45d8bfe98a99a2295f3ef695621db25d1825bfc516c68
14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
21583f7002df3434278d0ac87cde6b062999b39689e75945e152f8a5e75ef7fe
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
34ea2a0556532b824c974e58ce4364c3282e88091b15a13133d986897f6ad35c
35ee23e290afe8d7f3ad4cdb9cb414b22b7b057878aa60453a8a0dec36ccbf4e
367d053e8897caf949a1dcd81d7366ff932c8dec0ab27d6464fbbc6a985f9d22
3786fa3025a8b58853a0cb4c4b7f6dc64a31985c65c26a62d5f0f65070f40e2e
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3d7013703a0d1e069cbd5719dc87cee1d7a492b7d80dd55b62ac7af6214afb82
3d96fa7919e772a67a18b9db39a8951a18bb445b91f54f46db04c072f4f9c679
3df04c0b9e27ce616ade774931d8007676641aa32b224321c11bf91c8c6ea588
48a78be1a28857cbeb884e9e087691bd6663b12cd11948206fb15966d00ef9c0
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ff0c30cd7b9ffc4518ae6aa013653e92365ac79fbec8e8e3dc5feddf36c5ab3
52d45c7807b1fc093f3ca3cdee7bbc0151a12dee598216b392c9c4f25b39af82
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59729251e018160eeed443c848fa5fd802b40e984b5afe60560c3cbe9d7b4612
59a11db7529038e78f819a786f83ab87da2d4d2a3882af6a4cd38b15d68f5781
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e1c3f33497aa6d4634f97ef899766badf413e3600c94db6dce7bf13224c0cfc
5e39a21f14be2e5ac38868ec8d10cbc92aa9d55dcff2caa684efc1e606d7d0d7
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f4ced5d55df1d2b68756fbeffafd50b5d09c3ad7703f89a0660269a4ea3a54
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6edbf13af2f07f3ff6cf1b7ab649b8c6c28d247f2d7750a8593bd534de07d744
720b21233cc3f5ac1443ecb48e8807913f0927ee4ffd04d805b76aa2b93bed2b
79d43d860bcaf8b62c343669b1c7c7acf20a83d0a35ade74f875c8157e71bbd4
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
80fbd099957ce1e7ec4a491b69246c585b6432fd7d9a6c6cf9cd8992934ba37e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851b7c872770109c9349faa26db165de46cc01437e2dee0d21c5f8822e2f2014
85a06cedcdf4af73ed36a6668f0e7d43274e27103985151eed347825f1d64537
8808647c199175f16b3f7477a261b65f430d8dbdf81a7eeba96bce35dfcf4d56
8d61bc67c5b06bbd0e0787fc1e661c2fb58ba72c46b7b05ca3ee94c20e599130
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
908c38c2903c40a2cfdaddb865ce6dcab718d3361536cdfda07d9c730de53421
913b157f2689c81cfbf6940661dad51919048b2af4edfd4b956eeda00850a42d
9abd61a568a3bdeb52d1ef567f71ef5afa79da30f9f66a378e9546deca5e7008
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9fa5ed24c087e0e897f8456d823b676b958c15aa01bab12d948d4905724e7cde
a05baae3f8bd00c0bb61fb28fb26b8984ec2c427651ad5fc472d5cbb4d5bb4aa
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a33b79aad7e14e5687914a1caeab484ca2aa5b574424aac84ec5a9606ac72e17
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6e648923be27227370e476a3fe1b29b7d43f486b80ffb409a04d7b6ef3909ca
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a86b3a844dad8b4c5673af644a74b9046f920772bfc75d0f5fa0704d19510d2e
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
ad3409471389f0bd43787e12f01156a029b551d682f7a3f8a4250f7c573c23d5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b72e00333a9da62f5eeb0fc1046b0ca4c9b1e30dcd28d283dab8878d9ff02aa9
bda98b3494dbac9c731cd4d78488076699140bc89d6a2dedae7178794c558e31
be5918ab38ddc24691850454dc810ece96f01829014fc3bcdaee6550e80875c3
c228e4c33b411f01f3b7a571d44342106847fea18082e174333341503e4f0f20
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
ceb6019241751dffe336346c5c4540634a286aa657911b6766b77e6ee4da3620
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d1c2e9328b066d24c8ca8aaf34bd48600051f29bbed7fb881d0ec669a39b49f0
d6fc15d2759ac924b29cf9d8508e5cdae93ebd9053852020fd9206a77cb8898e
dc51d39a01a5ff2f42ec254801d29f48887ca6b2c6faac880cdf1787d0471cb1
dd7e869e5439edbec11fcb7d7502aacc253c28faed28471d2d67643e10319e85
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f0f7d08f176891c3fa9a473a8b0368c697f80b3198bdbbcb5f4756039e62b6
e91164aa903deff74af4c0d4cf7a42b9954783d8ed0d6f022a59bf8c7f8055d0
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ed8a35d6fd1f5bf0923284f1b2e0400a97cbaacd5abb2c674ce566b0e81fec
f83c0812d2ef30a334de87811cf685f2d21e23c4b6785926f987c4e164e7e3eb
fcabfb7f70eddae9290454b7879ac7fe75d61700e5ce5450fb775478eb0d528f

legas.com.ua Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

92 %HTTPS

66 %IPv6

32 Domains

40 Subdomains

32 IPs

7 Countries

1514 kBTransfer

3915 kBSize

14 Cookies

12 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

legas.com.ua Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

92 %
HTTPS

66 %
IPv6

32
Domains

40
Subdomains

32
IPs

7
Countries

1514 kB
Transfer

3915 kB
Size

14
Cookies

156 HTTP transactions
4 data transactions