westudents.com.ua Open in urlscan Pro
95.142.40.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://westudents.com.ua/
Submission: On September 16 via api (September 16th 2022, 12:48:05 pm UTC) from GB — Scanned from GB

Summary HTTP 82 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 23 domains to perform 82 HTTP transactions. The main IP is 95.142.40.16, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is westudents.com.ua.

This is the only time westudents.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	95.142.40.16 95.142.40.16	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 4	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
12	95.163.114.204 95.163.114.204	12695 (DINET-AS) (DINET-AS)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	62.109.31.26 62.109.31.26	29182 (RU-JSCIOT) (RU-JSCIOT)
1	94.250.254.126 94.250.254.126	29182 (RU-JSCIOT) (RU-JSCIOT)
1	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1	217.197.112.80 217.197.112.80	20655 (E-STYLEIS...) (E-STYLEISP-AS)
14	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	87.240.137.164 87.240.137.164	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
2	217.20.152.207 217.20.152.207	47764 (VK-AS) (VK-AS)
2	92.123.36.231 92.123.36.231	16625 (AKAMAI-AS) (AKAMAI-AS)
2	94.100.180.54 94.100.180.54	47764 (VK-AS) (VK-AS)
82	27

7 95.142.40.16 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: vm366435.eurodir.ru

westudents.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.202.52 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 95.163.114.204 (Moscow, Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.31.26 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1020.ru

postabuse.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.250.254.126 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1021.ru

prespan.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

cdn.smntq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.197.112.80 (Russian Federation)

ASN20655 (E-STYLEISP-AS, RU)
PTR: seopult.ru

af.click.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.137.164 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv164-137-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.20.152.207 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: ip207.152.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.36.231 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-231.deploy.static.akamaitechnologies.com

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.100.180.54 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: connect.mail.ru

connect.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	338 KB
12	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 124010	74 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	79 KB
7	westudents.com.ua westudents.com.ua	163 KB
5	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3603	58 KB
4	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9373	2 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	mail.ru connect.mail.ru — Cisco Umbrella Rank: 66403	1 KB
2	pinterest.com api.pinterest.com — Cisco Umbrella Rank: 2672	768 B
2	ok.ru connect.ok.ru — Cisco Umbrella Rank: 26501	4 KB
2	vk.com vk.com — Cisco Umbrella Rank: 5949	1 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	42 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	88 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
1	click.ru af.click.ru — Cisco Umbrella Rank: 196450	1 KB
1	smntq.com cdn.smntq.com — Cisco Umbrella Rank: 145899	489 B
1	prespan.ru prespan.ru	322 B
1	postabuse.ru postabuse.ru — Cisco Umbrella Rank: 211194	319 B
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5376	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	651 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	42 KB
82	23

	Domain	Requested by
14	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	w.uptolike.com	westudents.com.ua w.uptolike.com
11	pagead2.googlesyndication.com	westudents.com.ua pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	westudents.com.ua	westudents.com.ua
5	mc.yandex.ru	2 redirects westudents.com.ua
4	counter.yadro.ru	2 redirects westudents.com.ua
2	connect.mail.ru	w.uptolike.com
2	api.pinterest.com	w.uptolike.com
2	connect.ok.ru	w.uptolike.com
2	vk.com	w.uptolike.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	af.click.ru	w.uptolike.com
1	cdn.smntq.com	w.uptolike.com
1	prespan.ru	w.uptolike.com
1	postabuse.ru	w.uptolike.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	westudents.com.ua
82	26

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
westudents.com.ua R3	`2021-12-31` - `2022-03-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
uptolike.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
postabuse.ru R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
prespan.ru R3	`2022-09-15` - `2022-12-14`	3 months	crt.sh
smntq.com R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh
*.click.ru R3	`2022-08-26` - `2022-11-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2022-02-28` - `2023-03-31`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.mail.ru GeoTrust RSA CA 2018	`2021-11-01` - `2022-12-02`	a year	crt.sh

This page contains 13 frames:

Primary Page: http://westudents.com.ua/
Frame ID: 21DB63743E2B6C6F8DB80A018B47CF3E
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: 43056178034BA27BA2F2B549F43FED52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&adk=1812271804&adf=3025194257&lmt=1663332479&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwestudents.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663332479327&bpp=2&bdt=1265&idt=297&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8338846620928&frm=20&pv=2&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=323
Frame ID: 7D9BDD4363F6270C26520EC41FEC199C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335
Frame ID: 4C7A9AD60EF8B22F386A34A945730514
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479332&bpp=1&bdt=1271&idt=336&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=5uxVuAk7GA&p=http%3A//westudents.com.ua&dtd=340
Frame ID: D9DEF01CDF95C11823906DFE4F7F3BB8
Requests: 8 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Frame ID: 695E27B5874AFAEE974619EC9CA0FB26
Requests: 11 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Frame ID: 466437FA7B79F6713EDB0DE1D36783C9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html
Frame ID: 3161C5FEA24DE7FF7FD2A77F0D89E042
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4EC928CB96A740281C23EA1E6395DFE8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Frame ID: 3DC43A63AEA82C207B92A30302D8B242
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: FA18041F96E5765817A5E5141877BF51
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F705B78E3C171490907F260A6BE4135
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD40FDA5D1D50A95E86900FBA39640A8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Бібліотека українських підручників

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82
Requests

85 %
HTTPS

54 %
IPv6

23
Domains

26
Subdomains

27
IPs

5
Countries

941 kB
Transfer

2226 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.23299407149342088 HTTP 302
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.23299407149342088 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.23299407149342088

Request Chain 32

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 59

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 61

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946elviuuw%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A584001063082%3Ahid%3A721989222%3Az%3A0%3Ai%3A20220916124800%3Aet%3A1663332481%3Ac%3A1%3Arn%3A89979889%3Arqn%3A1%3Au%3A1663332481157528527%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1663332477882%3Ads%3A13%2C80%2C84%2C81%2C0%2C0%2C%2C915%2C6%2C%2C%2C%2C1174%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663332481%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946elviuuw%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A584001063082%3Ahid%3A721989222%3Az%3A0%3Ai%3A20220916124800%3Aet%3A1663332481%3Ac%3A1%3Arn%3A89979889%3Arqn%3A1%3Au%3A1663332481157528527%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1663332477882%3Ads%3A13%2C80%2C84%2C81%2C0%2C0%2C%2C915%2C6%2C%2C%2C%2C1174%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663332481%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

82 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
westudents.com.ua/ 28 KB
28 KB 177ms
84ms Document
text/html 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: vm366435.eurodir.ru
Software: nginx/1.16.1 / PHP/7.2.29
Resource Hash: 5461cd3752d76af082daaec1ae4b0605d92fa4da2e816924524906e4606771ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Sep 2022 12:47:58 GMT
Server: nginx/1.16.1
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.29

GET
H/1.1 200
OK style6.css
westudents.com.ua/css/ 24 KB
24 KB 785ms
161ms Stylesheet
text/css 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://westudents.com.ua/css/style6.css?ver=1.6.6

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

27357951e2762a8adf71c13ae7e0e03b5ecee8e87017238183e7cfffdb428f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:47:58 GMT
Last-Modified: Fri, 08 May 2020 13:11:27 GMT
Server: nginx/1.16.1
ETag: "5eb55a7f-5f2d"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24365

GET
H/1.1 200
OK bootstrap.min.css
westudents.com.ua/css/ 8 KB
8 KB 157ms
80ms Stylesheet
text/css 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://westudents.com.ua/css/bootstrap.min.css?ver=1.2
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: vm366435.eurodir.ru
Software: nginx/1.16.1 /
Resource Hash: f49bd72e6bae4d1803162659b45335d1f58883eb2bd4a10d808447ee1c66ac35

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:47:58 GMT
Last-Modified: Fri, 08 May 2020 13:11:27 GMT
Server: nginx/1.16.1
ETag: "5eb55a7f-1f34"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7988

GET
H/1.1 200
OK jquery-1.8.3.min.js Show response
westudents.com.ua/js/ 91 KB
92 KB 786ms
163ms Script
application/javascript 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://westudents.com.ua/js/jquery-1.8.3.min.js

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:47:58 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-16dc4"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93636

GET
H/1.1 200
OK main.js Show response
westudents.com.ua/js/ 3 KB
3 KB 705ms
82ms Script
application/javascript 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://westudents.com.ua/js/main.js?ver=1.1.1

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

4b6755fa117ce7885e5ef0c47fd833e6d6e9383bc173087ccaf7f80ae8053ceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:47:58 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-cc5"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3269

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 147ms
57ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109056477-1

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2b7020caf17bf468c11f3dcda680415db184ab3f4383b00e3ccf2a2afe2b5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:47:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42377
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Sep 2022 12:47:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 222ms
127ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66bf899fb41b6b0fe0332b7904078e92802ffe7da098bba5789580baa6d4f872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58023
x-xss-protection: 0
server: cafe
etag: 17309545910290893342
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Sep 2022 12:47:59 GMT

GET
H/1.1 200
OK ukr.png
westudents.com.ua/images/ 1 KB
1 KB 81ms
80ms Image
image/png 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://westudents.com.ua/images/ukr.png
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: vm366435.eurodir.ru
Software: nginx/1.16.1 /
Resource Hash: 54ef03d404ec29d9c8c4766a73f27e6dd748c23defc52450ae3672a71b8d439e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:47:59 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-454"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1108

GET
H/1.1 200
OK logo
counter.yadro.ru/ 112 B
336 B 152ms
71ms Image
image/gif 88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/logo?45.1
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host152.rax.ru
Software: 0W/0.8c /
Resource Hash: bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:47:59 GMT
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: 0W/0.8c
Connection: Close
Content-Type: image/gif
Content-Length: 112
Expires: Sat, 16 Sep 2023 03:22:20 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438...
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0...

43 B
528 B

72ms
71ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.23299407149342088

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 12:47:59 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 16 Sep 2021 03:22:20 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 12:47:59 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.23299407149342088
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 16 Sep 2021 03:22:20 GMT

GET
H/1.1 200
OK logo.jpg
westudents.com.ua/images/ 7 KB
7 KB 82ms
81ms Image
image/jpeg 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://westudents.com.ua/images/logo.jpg

Requested by

Host: westudents.com.ua
URL: https://westudents.com.ua/css/style6.css?ver=1.6.6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

0bb9a543d6729f51a883b23be6010e8211cebc56db711baa2b52de74107c8651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://westudents.com.ua/css/style6.css?ver=1.6.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:47:59 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-1ac2"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6850

GET
H/1.1 200
OK uptolike.js Show response
w.uptolike.com/widgets/v1/ 21 KB
9 KB 164ms
81ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://w.uptolike.com/widgets/v1/uptolike.js
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:47:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Fri, 16 Sep 2022 13:17:59 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0000f2da5b41f0afdea3eb387de6032482859d0c2f2d54aa2ab57e104329dcf0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
42ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109056477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6359
date: Fri, 16 Sep 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 16 Sep 2022 13:02:00 GMT

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 70 B
843 B 251ms
84ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1663332479213429
Requested by: Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c9d178aba2d671de21fb6ba1cc6f6eba107f351ae106e929b130c1ce2d188491

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 12:47:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 15 Sep 2022 15:59:22 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 49ms
48ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=196884849&t=pageview&_s=1&dl=http%3A%2F%2Fwestudents.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1931693979&gjid=1738896446&cid=84230781.1663332479&tid=UA-109056477-1&_gid=906157314.1663332479&_r=1&gtm=2ou9e0&z=889538111

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://westudents.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 12:47:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://westudents.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 182ms
98ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7312982849013924&plah=westudents.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0815f17335520129819014d8b2497e921557b8f71b33c01badbd07a46c01d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124740
x-xss-protection: 0
server: cafe
etag: 1190902412722972730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Sep 2022 12:47:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame 4305 10 KB
5 KB 131ms
40ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 43114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 00:49:25 GMT
etag: 9671129459699598864
expires: Fri, 30 Sep 2022 00:49:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widgetsModule.js Show response
w.uptolike.com/widgets/v1/ 172 KB
42 KB 169ms
169ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:47:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 16 Sep 2022 13:17:59 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
651 B 176ms
49ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=westudents.com.ua&callback=_gfp_s_&client=ca-pub-7312982849013924

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7312982849013924&plah=westudents.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7c9609f8db0ff59d42fc0f679aa1e929639ff79c494dc239957ef8a98a5023b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 167ms
49ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=westudents.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 12:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 158ms
50ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=westudents.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 12:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fwestudents.com.ua%2F&tn=DIV&cls=menu-container&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 12:47:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D9B 0
19 B 212ms
127ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&adk=1812271804&adf=3025194257&lmt=1663332479&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwestudents.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663332479327&bpp=2&bdt=1265&idt=297&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8338846620928&frm=20&pv=2&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=323

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 12:47:59 GMT
expires: Fri, 16 Sep 2022 12:47:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C7A 96 KB
33 KB 639ms
567ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a6b1e8e30fc9306b5819c669860b1669ca906d053f5b4fd2e77c523554f788c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33493
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 12:48:00 GMT
expires: Fri, 16 Sep 2022 12:48:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D9DE 114 KB
41 KB 598ms
532ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479332&bpp=1&bdt=1271&idt=336&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=5uxVuAk7GA&p=http%3A//westudents.com.ua&dtd=340

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

294e1c4ee4097bb8dbb98129edce05e99af2d7736632b89ceb0d920972250938

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ2y6qysmfoCFYPllAkdRSsC2g&gqi=f3AkY6CWL8SLtweAi4uoAw&layout=/sadbundle/%24csp%253Der3%24/13665046492732844651/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 42267
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ2y6qysmfoCFYPllAkdRSsC2g&gqi=f3AkY6CWL8SLtweAi4uoAw&layout=/sadbundle/%24csp%253Der3%24/13665046492732844651/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 12:48:00 GMT
expires: Fri, 16 Sep 2022 12:48:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK share-counter.html Show response
w.uptolike.com/widgets/v1/ Frame 695E 17 KB
5 KB 82ms
82ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 16 Sep 2022 12:47:59 GMT
Expires: Fri, 16 Sep 2022 13:17:59 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK impression.html Show response
w.uptolike.com/widgets/v1/ Frame 4664 1023 B
914 B 164ms
83ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 16 Sep 2022 12:47:59 GMT
Expires: Fri, 16 Sep 2022 13:17:59 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK top-bottom.png
w.uptolike.com/static/buttons/gradients/40/ 168 B
503 B 239ms
82ms Image
image/png 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/static/buttons/gradients/40/top-bottom.png
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 42e9385cea8164b34b0617860d86b6ba3844e4a92484d8d24142522d6df6a959

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:47:59 GMT
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
Server: nginx
ETag: "599456f5-a8"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168
Expires: Thu, 17 Nov 2022 07:50:42 GMT

GET
H/1.1 200
OK icomoon.woff
w.uptolike.com/static/buttons/fonts/ 9 KB
9 KB 250ms
83ms Font
application/font-woff 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29

Request headers

Referer: http://westudents.com.ua/
Origin: http://westudents.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:48:00 GMT
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
Server: nginx
ETag: "599456f5-23b8"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9144
Expires: Thu, 17 Nov 2022 07:57:02 GMT

GET
H/1.1 200
OK widgets-batch.js Show response
w.uptolike.com/widgets/v1/ Frame 695E 418 B
663 B 154ms
85ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTM1MDk4MSUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHAlM0ElMkYlMkZ3ZXN0dWRlbnRzLmNvbS51YSUyRiUyMiU3RCU1RA==&mode=0&callback=callback__utl_cb_share_1663332479876942
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ea76f2a18d5030943f43a004bb60403831e7b187f7c95539698872f069eac55c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 12:47:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 15:59:22 GMT

GET
H/1.1 204
No Content imp
w.uptolike.com/widgets/v1/ Frame 4664 0
154 B 80ms
79ms Image
text/plain 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/widgets/v1/imp?pid=1350981&url=http%3A%2F%2Fwestudents.com.ua%2F&vp=09d60a31-84ac-431e-8628-b64b05e28fb6&ttl=JUQwJTkxJUQxJTk2JUQwJUIxJUQwJUJCJUQxJTk2JUQwJUJFJUQxJTgyJUQwJUI1JUQwJUJBJUQwJUIwJTIwJUQxJTgzJUQwJUJBJUQxJTgwJUQwJUIwJUQxJTk3JUQwJUJEJUQxJTgxJUQxJThDJUQwJUJBJUQwJUI4JUQxJTg1JTIwJUQwJUJGJUQxJTk2JUQwJUI0JUQxJTgwJUQxJTgzJUQxJTg3JUQwJUJEJUQwJUI4JUQwJUJBJUQxJTk2JUQwJUIy&rnd=0.2394972148844714
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Sep 2022 12:48:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK extra.js Show response
w.uptolike.com/widgets/v1/ 4 KB
3 KB 83ms
82ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.016427926535743875
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b9f24a63dadc9feb4aac20af566de912f12df1df7199cc39b2c7c7f51dcd716a

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 12:48:00 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 15 Sep 2022 15:59:22 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

158 KB
56 KB

394ms
198ms

Script
application/javascript

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3cbc19c85c969eee8000c35b2c167c5889523980953cd63869c73d14f63d400f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:00 GMT
content-encoding: br
last-modified: Fri, 16 Sep 2022 05:57:38 GMT
etag: "6323e622-de40"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56896
expires: Fri, 16 Sep 2022 13:48:00 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK / Show response
postabuse.ru/yaml/ 0
319 B 311ms
87ms Script
application/javascript 62.109.31.26
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://postabuse.ru/yaml/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.016427926535743875

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.109.31.26 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1020.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:48:00 GMT
Last-Modified: Friday, 16-Sep-2022 12:48:00 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK / Show response
prespan.ru/sou/ 3 B
322 B 303ms
128ms Script
application/javascript 94.250.254.126
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://prespan.ru/sou/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.016427926535743875

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.250.254.126 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1021.ru

Software

nginx/1.13.12 /

Resource Hash

101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:48:00 GMT
Last-Modified: Friday, 16-Sep-2022 12:48:00 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 3

GET
H2 200 smart.js Show response
cdn.smntq.com/c83ul/ 6 B
489 B 260ms
68ms Script
text/javascript 95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smntq.com/c83ul/smart.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.016427926535743875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:00 GMT
mode: no-cors
server: nginx/1.20.1
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK collect_stat.js Show response
af.click.ru/ 913 B
1 KB 322ms
81ms Script
application/javascript 217.197.112.80
E-STYLEISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://af.click.ru/collect_stat.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.016427926535743875
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.197.112.80 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS: seopult.ru
Software: nginx /
Resource Hash: a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:48:00 GMT
Last-Modified: Fri, 22 Jul 2022 11:33:41 GMT
Server: nginx
ETag: "62da8b15-391"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 913

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/ Frame 3161 78 KB
27 KB 196ms
91ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479332&bpp=1&bdt=1271&idt=336&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=5uxVuAk7GA&p=http%3A//westudents.com.ua&dtd=340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f4adacb94e40d00b456b464c12c573aeba4f3bb6a7e7fda8e58c312a5ad66b6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 126779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26023
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 01:35:01 GMT
expires: Fri, 15 Sep 2023 01:35:01 GMT
last-modified: Thu, 10 Dec 2020 08:33:16 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D9DE 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CV9-nf3AkY932MoPL0_wPxdaI0A2utMvFYN3F3P_kDKbxhuOgAhABIOydhR5gu4aAgNAKoAHejoqFA8gBCakCSXt4DF0Vsz6oAwHIA0iqBIgCT9D65BNsiayNiS0dTKV9R7q3QfqbCzh59kVzvMMGSRknb4JpErzCHpznfI02utPP6QRiSgK4oJ8ANDLJeozL7C6wJferIhFDucp2c37HjXTeLopbZf9s3R96sDX0utJmE4kBkGj5Luf7inD8KLeMENyt3AXkRtno0qMwpK3ZxIB3EVX8ssGq5C3arTNdR6XRikVoOGiWTTXo2Vqrg96XyfAQDxomRhqLBlGieTHtHDVTX6Fb0df3P-YEeYKs3YrBVS2m-zJ6ROy9-6RLwcxq-XYSgKUEjmyty5VbL7HEQJALc0YkqY394joGKVA9yL9xyvAaub-E8fZJJU7VmAlqILOjEAQ03wBWwAS36rCwrQOSBQQIBBgBkgUECAUYBKAGLoAHivH1eqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENyKAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTczMTI5ODI4NDkwMTM5MjQYAA&sigh=IRYVV-C32mU&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479332&bpp=1&bdt=1271&idt=336&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=5uxVuAk7GA&p=http%3A//westudents.com.ua&dtd=340
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Sep 2022 12:48:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Sep 2022 12:48:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame D9DE 23 KB
10 KB 145ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 12:44:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame D9DE 3 KB
1 KB 190ms
89ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 12:46:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame D9DE 17 KB
7 KB 150ms
49ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 12:46:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9DE 141 KB
44 KB 580ms
479ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Sep 2022 12:48:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4C7A 8 KB
1 KB 138ms
49ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 11:05:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 16 Sep 2022 12:48:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Sep 2022 12:48:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 4C7A 2 KB
983 B 163ms
89ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 12:43:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4C7A 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvFmRf3AkY46CM4K7zLUPj_yo2A-Buvv4a_3uwYP0De_18_0IEAEg7J2FHmC7hoCA0AqgAcj-kdsByAEJqQJbLTL3BxezPqgDAcgDywSqBPMBT9DSNmb5xi8GX6qVBVwU7x-mLMEndaasrKq-8ZwAP8Y3m6Trc_nRN2jPi2PSdY6-vhWzzXAc9hPbBmBoZr_i3uL7GlXC_bcFEFB1oFoamZ2VPUMYhbP5FkSCLRNlPG6QbXH2mAevHrFfZhjqDk7AId1Nd9bsh2z85CudRquAoblClFiLJ4PJRwEu1knepq9UJH73Dl6L7yTjq6hQbUCGVQ5g3D9US23qJMQ5fmDDjoUrzKT11Zfn3NuHxia008PYnq5eY1Ilb7sLEV-DDt8ldtDlgBVPMhN7ssOXP21d5KE8v_1Uem7Uap4-zV4hvTcw8MVxwATZ3KfgswOSBQQIBBgBkgUECAUYBKAGLoAHoIHupAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDywQjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi03MzEyOTgyODQ5MDEzOTI0GAA&sigh=511Cbp8kuVI&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Sep 2022 12:48:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Sep 2022 12:48:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 4C7A 23 KB
9 KB 124ms
55ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 12:44:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 4C7A 3 KB
1 KB 181ms
113ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 12:46:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 4C7A 17 KB
7 KB 150ms
82ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 12:46:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C7A 141 KB
44 KB 600ms
533ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Sep 2022 12:48:00 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 4C7A 33 KB
14 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 14:45:25 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6126258412314072643/ Frame 4C7A 11 KB
11 KB 185ms
122ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6126258412314072643/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13d586a3982c7802d4a494f401b7bd85e7269cf283eb8b19687dab6603642acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:00 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10861
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 18:42:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 12:48:00 GMT

GET
DATA 200
OK truncated
/ Frame 4C7A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4C7A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4EC9 143 B
166 B 41ms
40ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479332&bpp=1&bdt=1271&idt=336&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=5uxVuAk7GA&p=http%3A//westudents.com.ua&dtd=340
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 12:11:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D9DE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6717870be9fbd77c1521d1c3a5b76c3fbce1067b28d383614f2d112f22aecaec

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3161 9 KB
3 KB 127ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 17 Sep 2022 09:36:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3161 26 KB
10 KB 124ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 17 Sep 2022 09:36:20 GMT

GET
DATA 200
OK truncated
/ Frame 4C7A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30515384f1a234cdaf9fd95c5b6752a99811601e265f934154e46d565a592749

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4EC9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

59ms
59ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 12:48:00 GMT
expires: Fri, 16 Sep 2022 12:48:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 12:48:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3161 60 KB
24 KB 159ms
54ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13665046492732844651/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Sep 2022 12:48:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/23414332/
Redirect Chain

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946elviuuw%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946elviuuw%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-...

427 B
509 B

122ms
122ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946elviuuw%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A584001063082%3Ahid%3A721989222%3Az%3A0%3Ai%3A20220916124800%3Aet%3A1663332481%3Ac%3A1%3Arn%3A89979889%3Arqn%3A1%3Au%3A1663332481157528527%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1663332477882%3Ads%3A13%2C80%2C84%2C81%2C0%2C0%2C%2C915%2C6%2C%2C%2C%2C1174%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663332481%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

de2b8c11b3e4abe0f9414a38e57402b4c3bd31d51afb511818eed51d10da09d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 12:48:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 16-Sep-2022 12:48:00 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://westudents.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Fri, 16-Sep-2022 12:48:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Sep 2022 12:48:00 GMT
last-modified: Fri, 16-Sep-2022 12:48:00 GMT
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946elviuuw%3Afp%3A1155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A584001063082%3Ahid%3A721989222%3Az%3A0%3Ai%3A20220916124800%3Aet%3A1663332481%3Ac%3A1%3Arn%3A89979889%3Arqn%3A1%3Au%3A1663332481157528527%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1663332477882%3Ads%3A13%2C80%2C84%2C81%2C0%2C0%2C%2C915%2C6%2C%2C%2C%2C1174%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663332481%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://westudents.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 16-Sep-2022 12:48:00 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 96ms
96ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:00 GMT
last-modified: Fri, 16 Sep 2022 05:57:38 GMT
etag: "6323e622-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 16 Sep 2022 13:48:00 GMT

GET
H3 200 TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3161 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 11:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16105
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 11:55:25 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4C7A 28 KB
28 KB 131ms
42ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 15:49:18 GMT
x-content-type-options: nosniff
age: 593923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 15:49:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 172ms
90ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1867a8977391b031fed8cb39497bda349822381f25738eeffd27bac25050e28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 12:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11122
x-xss-protection: 0

GET
H3 200 TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DC4 36 KB
16 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663332479&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663332479330&bpp=1&bdt=1269&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8338846620928&frm=20&pv=1&ga_vid=84230781.1663332479&ga_sid=1663332480&ga_hid=196884849&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767667&oid=2&pvsid=2040432990877294&tmod=276764053&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NDBxatMWvi&p=http%3A//westudents.com.ua&dtd=335

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 11:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16105
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 11:55:25 GMT

GET
H2 200 share.php Show response
vk.com/ Frame 695E 22 B
568 B 284ms
95ms Script
text/html 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fwestudents.com.ua%2F&callback=callback__utl_cb_share_1663332481036446

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx / KPHP/7.4.112185

Resource Hash

fd85cbb53220f64d9ed87abf4752bfa0a8b3fb7e8167fce81afe0d792286e079

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:01 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.112185
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 42

GET
H2 200 share.php Show response
vk.com/ Frame 695E 21 B
568 B 286ms
98ms Script
text/html 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dvk&callback=callback__utl_cb_share_1663332481037177

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx / KPHP/7.4.112185

Resource Hash

c81398918e0bafaceb0a1258dffe47660ae7d56c672b0d188e54ab620f9dccd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:01 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.112185
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 41

GET
H2 200 dk Show response
connect.ok.ru/ Frame 695E 25 B
2 KB 306ms
83ms Script
application/javascript 217.20.152.207
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fwestudents.com.ua&callback=callback__utl_cb_share_1663332481038227

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.152.207 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

ip207.152.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com .yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adlooxtracking.ru .adsafeprotected.com .serving-sys.com .serving-sys.ru .weborama.fr .weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:01 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dk Show response
connect.ok.ru/ Frame 695E 25 B
2 KB 342ms
119ms Script
application/javascript 217.20.152.207
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dok&callback=callback__utl_cb_share_1663332481039941

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.152.207 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

ip207.152.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com .yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adlooxtracking.ru .adsafeprotected.com .serving-sys.com .serving-sys.ru .weborama.fr .weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:01 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ Frame 695E 86 B
379 B 419ms
182ms Script
application/javascript 92.123.36.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fwestudents.com.ua%2F&callback=callback__utl_cb_share_1663332481040538

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.36.231 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-36-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

7a48a7a25181a136c7f1cebec01b82bc2c9fcfcff0f743c788edb013c767d801

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:01 GMT
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.a6611702.1663332481.73ba482
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1804556634281776
content-length: 86
expires: Fri, 16 Sep 2022 13:03:01 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ Frame 695E 96 B
389 B 420ms
182ms Script
application/javascript 92.123.36.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dps&callback=callback__utl_cb_share_1663332481040414

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.36.231 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-36-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

d73ec2e6d954732fe391a388b04c51ecf63872400ad4b1b93f7d279ad55680a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:01 GMT
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.a6611702.1663332481.73ba487
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1176153557772408
content-length: 96
expires: Fri, 16 Sep 2022 13:03:01 GMT

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame 695E 83 B
670 B 277ms
85ms Script
text/javascript 94.100.180.54
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=mrc__shareInit769&url_list=http%3A%2F%2Fwestudents.com.ua%2F&callback=callback__utl_cb_share_1663332481041393

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.54 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

b09c9e24233fcf4e74d05eed5b4dbe22e6d392318dcb92089c71a600c5c2a1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:48:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 83
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame 695E 93 B
680 B 288ms
90ms Script
text/javascript 94.100.180.54
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=mrc__shareInit915&url_list=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dmr&callback=callback__utl_cb_share_1663332481041407

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.54 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

3cb21c3145bb69840007a818880cf112a2425bcdbc20d66d1fcac8791ed8c0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 12:48:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 93
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1 200
OK support.html Show response
w.uptolike.com/widgets/v1/zp/ Frame FA18 14 KB
4 KB 82ms
82ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp/support.html
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 16 Sep 2022 12:48:01 GMT
Expires: Fri, 16 Sep 2022 13:18:01 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Sep 2022 12:48:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F70 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 12:47:42 GMT
expires: Sat, 16 Sep 2023 12:47:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CD40 783 B
533 B 137ms
52ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0152e0534f24369ddbd183bff4ae5bfcca35160b398ccb12e01de0a93bf5406c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vkAGuxmITFmIdeqyMaM3lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-vkAGuxmITFmIdeqyMaM3lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 12:48:01 GMT
expires: Fri, 16 Sep 2022 12:48:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F70 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 11:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16105
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 11:55:25 GMT

GET
H/1.1 204
No Content upd Show response
w.uptolike.com/widgets/v1/ Frame 695E 0
154 B 84ms
84ms Script
text/plain 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/upd?id=vk&pid=1350981&url=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dvk&c=17&callback=callback__utl_cb_share_166333248132476
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Sep 2022 12:48:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CD40 0
0 76ms
75ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=2040432990877294&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3F70 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ma7Y4A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:48:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
78ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=2040432990877294&bg=!BgWlBUHNAAZqQh0mSkI7ACkAdvg8Wp53JKmHik-QQUUxs2TB4pJ8bchnSMW7555DO2HKDr6TGb0h3QIAAABbUgAAAAJoAQeZApJct4fqkabfg0ZQ88r7dyRNZ3fvwqJtwDSg8dWFZ5Bs5HxqhXjRexw8inDcBjzYkGq2GNf3b4gBr51QqDi0mkJMop6SoSaY5pAus6eJIKbsayGLVEyMcZTbHe44xVI4caBLsCNZsYb7bjDUy9LujXi0VylJKqiMBzB3GCkBfqawhey9hrf_uniSVz61Eu0XZe9SNBZzEreVxx-xxW6wNh7aTI0S1m0jFvHdqNX2CgWZp0ToGO4cxybjyR57fk11fVUDrxShGl7qxFrJmIJGxt3npZDnAngIAcpLdFdbDuSXPBABzpkTZKsQyQok05sfs-IEnmMIEM0YSyrMvABGETnJr2ESM5yrnau8CkX7xX5o4Ih4Y9JUF6vLRP3an6VwxJCN2Er0aLe4Cxzo3FM-mW68G0_QCU9qsptBw79clDhoPhAnAiYI-ls7B-wZrjvqD0qlkplGaipDXMKNtyNeoqtEa34-v7b0e1hLJ9gEgCK0xxNjiHSbjzr1N2lbgW5mmQKu_CXCV4qngEmNQ_ERjFAqcWC_n8mBSp_qBuY-mlQt8FuX5lJXj5q-7EulErhmmteg16eQ70E12JFULP7iR4PLKY6XUyE_r5T_FEltW_WGCN92sJXl73M5wWo4qoi5NN2tjx-KVPnau1yBc1fIXtd7RI73ie2Hsyd0Yn3Nk0X8jwITxZvaJje2PLe7Gxzr3D1jkPij3qq_hIHvEx7H643us1kDTUtM-2-wlLod_IS0cJngny3vEMJi3BX7mGYmHUBNoFJMRx-cjtm5NzAa9ywRWuosFfv7lQ6zWmy50ZbYUIWmrH4YIA9GJwc73IONlMKdargEHrjgtTeAv9GCcvtFECzxRhVpcOyhM9on22uQ233J
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D9DE 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv63XJh6N9Zt9DXV6AV8C6EGr1TlnFaP7Q1vYiZuECrk9WIw6fIMz5i71Ow8DaZuO_6NxFy2DJaB9PvImUL5ROarr9ugB8qZvNBBuyJ1CBcuU59MyoTJ-LUsKHPW0ZlMk0BXCkwmw&sai=AMfl-YQQ0qSy-pNWzknK1k_u6mMkRwO655r0nmcy-DoYePkMO74jnhTqehBqsIjm3SdsHprx8JSeFAkIgqEl&sig=Cg0ArKJSzLcJzjQxRMblEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1667669443&rs=2&la=0&cr=0&vs=4&r=v&rst=1663332479673&rpt=1282&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 12:48:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4C7A 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuraZUJ-H5hNHD4Cv11l2bo_tD5H6wcs_EieDkoi0d2CtLKq2V6z61vAMIsILulbxdVy4ZvcsZFMR03-pTM2Z4JqTjUDkBSyExsSZ8rICOhmanIAY0eThicEDFFKzGSQ6qlkjzudQ&sai=AMfl-YTUkS2-ryGXsCkYz8Tpj6IQQcMUIvtl84Tzm14HxL9Bll802NLi3FFqsqTmQtMJLipkYNylfuz93_EV&sig=Cg0ArKJSzHVvtlpaXBNxEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3970222355&rs=2&la=0&cr=0&vs=4&r=v&rst=1663332479666&rpt=1326&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 12:48:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.westudents.com.ua/	1970-01-20 15:38:12	Name: _ga Value: GA1.3.84230781.1663332479
.westudents.com.ua/	1970-01-20 06:03:38	Name: _gid Value: GA1.3.906157314.1663332479
.westudents.com.ua/	1970-01-20 06:02:12	Name: _gat_gtag_UA_109056477_1 Value: 1
.yadro.ru/	1970-01-20 14:47:14	Name: FTID Value: 1Z971_3WEBeP1Z971_003V30
.w.uptolike.com/	1970-01-20 15:38:12	Name: utl_id2 Value: 28809284967
.w.uptolike.com/	1970-01-20 15:38:12	Name: utl_dat Value: "CMHj3bK0MBAAIMG0qLu0MCjBtKi7tDAwAO1loj0v2tKnG/vUMi8irNo="
.yadro.ru/	1970-01-20 14:47:14	Name: VID Value: 0KCOLd3VKx8P1Z971_003V3h
.westudents.com.ua/	1970-01-20 15:23:48	Name: __gads Value: ID=f3c7de0291826a89-226fdeef23ce00b4:T=1663332479:RT=1663332479:S=ALNI_MavTCPgX9DyKPZnC9fo85Xb_e_HOg
.cdn.smntq.com/	1970-01-20 15:38:12	Name: smart Value: 1be565e3d3db4f138ae64ed99bc4eac7
.doubleclick.net/	1970-01-20 15:23:48	Name: IDE Value: AHWqTUk-ymuQ9ZKE2QYTGWJyeRKDi225ehFjeUH9o1JQOthM3z26cv-SMKaYMazd__E
.doubleclick.net/	1970-01-20 06:02:16	Name: DSID Value: NO_DATA
.westudents.com.ua/	1970-01-20 14:47:48	Name: _ym_uid Value: 1663332481157528527
.westudents.com.ua/	1970-01-20 14:47:48	Name: _ym_d Value: 1663332481
.yandex.ru/	1970-01-20 14:47:48	Name: yandexuid Value: 3665531041663332480
.yandex.ru/	1970-01-20 14:47:48	Name: yuidss Value: 3665531041663332480
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 608271391663332480
.yandex.ru/	1970-01-20 15:38:12	Name: i Value: EBjNqsKHOTCtEmk7+oV+DD4vLf3sF53Vn+h87SkGtaS++qIMfhh1uOdiHgHKy2mwagR+hvqwa+zAuMpnWzn//2AZhmg=
.yandex.ru/	1970-01-20 14:47:48	Name: ymex Value: 1694868480.yrts.1663332480#1694868480.yrtsi.1663332480
.westudents.com.ua/	1970-01-20 06:03:24	Name: _ym_isad Value: 2
.vk.com/	1970-01-20 14:56:39	Name: remixlang Value: 3
.vk.com/	1970-01-20 14:47:48	Name: remixstlid Value: 9075677555361951155_XmBD8JJcLXuiHePyWSBKoZhvIyLxWO7OhcAoMEqWtNP

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
af.click.ru
api.pinterest.com
cdn.smntq.com
connect.mail.ru
connect.ok.ru
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
postabuse.ru
prespan.ru
s0.2mdn.net
tpc.googlesyndication.com
vk.com
w.uptolike.com
westudents.com.ua
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.186.98
217.197.112.80
217.20.152.207
2a00:1450:4001:800::2002
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:6b8::1:119
62.109.31.26
87.240.137.164
88.212.202.52
92.123.36.231
94.100.180.54
94.250.254.126
95.142.40.16
95.163.114.204
95.217.109.66
0000f2da5b41f0afdea3eb387de6032482859d0c2f2d54aa2ab57e104329dcf0
0152e0534f24369ddbd183bff4ae5bfcca35160b398ccb12e01de0a93bf5406c
0bb9a543d6729f51a883b23be6010e8211cebc56db711baa2b52de74107c8651
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
13d586a3982c7802d4a494f401b7bd85e7269cf283eb8b19687dab6603642acb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1867a8977391b031fed8cb39497bda349822381f25738eeffd27bac25050e28f
27357951e2762a8adf71c13ae7e0e03b5ecee8e87017238183e7cfffdb428f88
294e1c4ee4097bb8dbb98129edce05e99af2d7736632b89ceb0d920972250938
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f4adacb94e40d00b456b464c12c573aeba4f3bb6a7e7fda8e58c312a5ad66b6
30515384f1a234cdaf9fd95c5b6752a99811601e265f934154e46d565a592749
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3cb21c3145bb69840007a818880cf112a2425bcdbc20d66d1fcac8791ed8c0ff
3cbc19c85c969eee8000c35b2c167c5889523980953cd63869c73d14f63d400f
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
42e9385cea8164b34b0617860d86b6ba3844e4a92484d8d24142522d6df6a959
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b6755fa117ce7885e5ef0c47fd833e6d6e9383bc173087ccaf7f80ae8053ceb
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
5461cd3752d76af082daaec1ae4b0605d92fa4da2e816924524906e4606771ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54ef03d404ec29d9c8c4766a73f27e6dd748c23defc52450ae3672a71b8d439e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4
66bf899fb41b6b0fe0332b7904078e92802ffe7da098bba5789580baa6d4f872
6717870be9fbd77c1521d1c3a5b76c3fbce1067b28d383614f2d112f22aecaec
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7a48a7a25181a136c7f1cebec01b82bc2c9fcfcff0f743c788edb013c767d801
7a6b1e8e30fc9306b5819c669860b1669ca906d053f5b4fd2e77c523554f788c
7c9609f8db0ff59d42fc0f679aa1e929639ff79c494dc239957ef8a98a5023b1
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b09c9e24233fcf4e74d05eed5b4dbe22e6d392318dcb92089c71a600c5c2a1d9
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e
b9f24a63dadc9feb4aac20af566de912f12df1df7199cc39b2c7c7f51dcd716a
bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276
c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2
c81398918e0bafaceb0a1258dffe47660ae7d56c672b0d188e54ab620f9dccd0
c9d178aba2d671de21fb6ba1cc6f6eba107f351ae106e929b130c1ce2d188491
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d73ec2e6d954732fe391a388b04c51ecf63872400ad4b1b93f7d279ad55680a9
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
de2b8c11b3e4abe0f9414a38e57402b4c3bd31d51afb511818eed51d10da09d4
e2b7020caf17bf468c11f3dcda680415db184ab3f4383b00e3ccf2a2afe2b5aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea76f2a18d5030943f43a004bb60403831e7b187f7c95539698872f069eac55c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0815f17335520129819014d8b2497e921557b8f71b33c01badbd07a46c01d65
f49bd72e6bae4d1803162659b45335d1f58883eb2bd4a10d808447ee1c66ac35
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fd85cbb53220f64d9ed87abf4752bfa0a8b3fb7e8167fce81afe0d792286e079

westudents.com.ua Open in urlscan Pro 95.142.40.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

82 Requests

85 %HTTPS

54 %IPv6

23 Domains

26 Subdomains

27 IPs

5 Countries

941 kBTransfer

2226 kBSize

21 Cookies

1 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

westudents.com.ua Open in urlscan Pro
95.142.40.16 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

85 %
HTTPS

54 %
IPv6

23
Domains

26
Subdomains

27
IPs

5
Countries

941 kB
Transfer

2226 kB
Size

21
Cookies

82 HTTP transactions
5 data transactions