www.buhoblik.org.ua Open in urlscan Pro
2a06:6440:0:2d02::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://buhoblik.org.ua/
Effective URL:
https://www.buhoblik.org.ua/
Submission: On October 25 via api (October 25th 2022, 2:02:50 am UTC) from GB — Scanned from GB

Summary HTTP 102 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 25 domains to perform 102 HTTP transactions. The main IP is 2a06:6440:0:2d02::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is www.buhoblik.org.ua.
TLS certificate: Issued by R3 on October 3rd 2022. Valid for: 3 months.

This is the only time www.buhoblik.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	2a06:6440:0:2... 2a06:6440:0:2d02::1	200000 (UKRAINE-AS) (UKRAINE-AS)
1 1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
10	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 2	95.216.186.40 95.216.186.40	24940 (HETZNER-AS) (HETZNER-AS)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:41d0:602... 2001:41d0:602:3b8e::	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
8	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3 3	3.125.244.197 3.125.244.197	16509 (AMAZON-02) (AMAZON-02)
1 1	141.95.171.142 141.95.171.142	16276 (OVH) (OVH)
2 2	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
2 2	52.212.137.183 52.212.137.183	16509 (AMAZON-02) (AMAZON-02)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
102	31

11 2a06:6440:0:2d02::1 (Ukraine) 2 redirects

ASN200000 (UKRAINE-AS, UA)

buhoblik.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.buhoblik.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.186.40 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.40.186.216.95.clients.your-server.de

xn--r1a.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tttttt.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:602:3b8e:: (France)

ASN16276 (OVH, FR)

avto-oblik.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.149 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.125.244.197 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-244-197.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.171.142 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.216 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.137.183 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-137-183.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	342 KB
15	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 43529 inv-nets.admixer.net — Cisco Umbrella Rank: 2396	200 KB
12	criteo.net static.criteo.net — Cisco Umbrella Rank: 680 pix.eu.criteo.net — Cisco Umbrella Rank: 8015 csm.eu.criteo.net — Cisco Umbrella Rank: 8166	431 KB
11	buhoblik.org.ua 2 redirects buhoblik.org.ua www.buhoblik.org.ua	230 KB
8	criteo.com 1 redirects rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14559 ads.eu.criteo.com — Cisco Umbrella Rank: 7867 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9829 bidder.criteo.com — Cisco Umbrella Rank: 763 gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786	49 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	91 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	118 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 78 mts0.google.com — Cisco Umbrella Rank: 4659 www.google.com — Cisco Umbrella Rank: 2	74 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	2 KB
3	creativecdn.com 1 redirects prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6233 creativecdn.com — Cisco Umbrella Rank: 657	859 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	140 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 756	828 B
2	onaudience.com 2 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 12718	1009 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	2 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 278	17 KB
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 17928	339 B
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 83483	351 B
1	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 590	42 B
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5147	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	700 B
1	avto-oblik.com.ua avto-oblik.com.ua	72 KB
1	tttttt.me tttttt.me
1	xn--r1a.website 1 redirects xn--r1a.website — Cisco Umbrella Rank: 752601	464 B
1	google.com.ua 1 redirects www.google.com.ua — Cisco Umbrella Rank: 19315	320 B
102	25

	Domain	Requested by
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	cdn.admixer.net	www.buhoblik.org.ua cdn.admixer.net
10	pagead2.googlesyndication.com	www.buhoblik.org.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	www.buhoblik.org.ua	www.buhoblik.org.ua
8	static.criteo.net	ads.eu.criteo.com cdn.admixer.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	inv-nets.admixer.net	cdn.admixer.net www.buhoblik.org.ua
4	fonts.gstatic.com	fonts.googleapis.com
3	x.bidswitch.net	3 redirects
3	pix.eu.criteo.net	ads.eu.criteo.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	www.buhoblik.org.ua googleads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	bidder.criteo.com	static.criteo.net
2	creativecdn.com	1 redirects www.buhoblik.org.ua
2	sync.crwdcntrl.net	2 redirects
2	pixel-eu.onaudience.com	2 redirects
2	ib.adnxs.com	1 redirects www.buhoblik.org.ua
2	mts0.google.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	ssl.google-analytics.com	www.buhoblik.org.ua
2	buhoblik.org.ua	2 redirects
1	mug.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	green.erne.co	1 redirects
1	m.trafmag.com	www.buhoblik.org.ua
1	image8.pubmatic.com	www.buhoblik.org.ua
1	prebid-eu.creativecdn.com	cdn.admixer.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	avto-oblik.com.ua	www.buhoblik.org.ua
1	tttttt.me	www.buhoblik.org.ua
1	xn--r1a.website	1 redirects
1	www.google.com.ua	1 redirects
102	39

This site contains no links.

Subject Issuer	Validity	Valid
www.buhoblik.org.ua R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tttttt.me R3	`2022-10-23` - `2023-01-21`	3 months	crt.sh
www.avto-oblik.com.ua R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.buhoblik.org.ua/
Frame ID: B4BB26E3C40BA8E0371799C3299C7A16
Requests: 43 HTTP requests in this frame

Frame: https://tttttt.me/buhoblik_org_ua
Frame ID: 74C06E6EC28C70DF8A1AA89B5E99651D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html
Frame ID: 162811FB9CAB4C932D720C97C431E7B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1666663363&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364205&bpp=7&bdt=560&idt=156&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&correlator=879915989181&frm=20&pv=2&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UarHAZHEME&p=https%3A//www.buhoblik.org.ua&dtd=178
Frame ID: 7607E52F24E5F038EC94114566D2EB0A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190
Frame ID: 9D60B5BC663B9145155A98BF236D18AD
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1666663363&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364233&bpp=4&bdt=588&idt=189&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=E0Usdg8Y9Q&p=https%3A//www.buhoblik.org.ua&dtd=192
Frame ID: CE92F3620414D9A1FD5F311216EC898B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1666663363&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364241&bpp=2&bdt=596&idt=200&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C730x280&nras=1&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=1609923008&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=205
Frame ID: 3A4E6D807D83EA1336897AE15A2B0B1E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 45A4D034B57465944DFF1E317020A663
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 3368404BCAECCE5000258D65B4966DC4
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1dDxAAHrlcK4CcCAAoQ047BtWDY5LL6JMzLTg&u=%7CZ5Goo%2BVpWEgNnI%2BkVGeghRnhd%2BacNmhYPlWXsOWy75w%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6ziEzHnRQPmm8hAoZUVgSTVfEE1P_a8vM-JQNtbjbqeExzkYPIggeJ4SwEplC44RDdppJV58ZB9iLx1ItuFnsf0t-zVzSxXH4_txoo2z3xUuw0K9dhG5Jx_tg4eduJLHULC-f5s54hTX7KsqRYT-S4DLDbNhk6PAjHAZb9hueIILFoH0lrhiJX6FF7sMzYBceLRt0ss_CU1iWGWp6Ym86WR6OFbmJJx-QQfHl5JI_Ds6KHx02ofgGt3QR03N0x25Bvkg3D0DeEVMLvs1pO3aPJ_NmS3YC5b-stuLhvPmwAbkUNsyF5AVTfyU3qHwr89sbDRTyiIolVcGdxbzVP9Do3XEv6Y0Rl_VS7rhFcng6qMxkX_VP82AEYsJIk5eW0aAYWApZRvJlkIlahdqoWJlM67BZIyBTu7CZHRaL_hyi21UwiqqPatGQSL_bsJDtlBc_r141WvZfd0-TiqIs3lVIri_tVa0t-H_EoPveb_9SA2_EvBb_iZJcyJdfp5A6mpUSsT_ooUBQE7s1jd9VmargcPVM_61IVc78Ras5LWgZecYTKb1BMkUUO8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8wRWxENXY9fcHoLOgAfToaiIA-SP0rFcl9LnhLMBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjXIAQmpAqQFQCx-67I-qAMBqgTpAU_Qq6vgedLDxZS3CQkXlTwanE5JbMGiEpwSiB2kx6Bup_RDAITM9Cy0vpkXnqvZGe_8iQsjE76XijvmHOAoQpcfo4ignCN2ykwiUKKXEjeNSc2H9xt-ipyuBLw8AWZW08KUHOsNUErLgI-HWG3nUV-g2cAIdvR5cM8Q3JpVtHBFCFohIP246BlTHUOluKJkTJXfStgfeRIJ4hhUN5D3Ryn4IFElJ3nl1j-8IzUqd8-5pN21UXWwUtxA19m681iq3QFFLvcklSGpvwnji0mUQWa2SFPZUPR4eycyjBhAF2XIf7ovRlEs039tgAbzsK6zzaequHSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2nOHUFcl5QjVB_5aYh5bNsORIVNQ%26client%3Dca-pub-5630956766216465%26adurl%3D
Frame ID: C73B2523E6023B1BF21D9106553BED9A
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Frame ID: 8BD286B226D839FDBA5CD3DE01A55E60
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Frame ID: 7EE94607626F13D27247A1376C86B00B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.buhoblik.org.ua
Frame ID: 6A436EC2502BE40DAA223E5894B03CAE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 344E46BF20DD6B958240100D579CFFEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4357029D79AE0D408E685378808771BD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Бухучет в Украине : Бухгалтерский и налоговый учет

Page URL History Show full URLs

http://buhoblik.org.ua/ HTTP 301
https://buhoblik.org.ua/ HTTP 301
https://www.buhoblik.org.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

102
Requests

95 %
HTTPS

57 %
IPv6

25
Domains

39
Subdomains

31
IPs

8
Countries

1769 kB
Transfer

3831 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://buhoblik.org.ua/ HTTP 301
https://buhoblik.org.ua/ HTTP 301
https://www.buhoblik.org.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 10

https://xn--r1a.website/s/buhoblik_org_ua HTTP 302
https://tttttt.me/buhoblik_org_ua

Request Chain 84

https://ib.adnxs.com/setuid?entity=533&code=1863ad58d2a74073a035b49766607004 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D1863ad58d2a74073a035b49766607004

Request Chain 87

https://x.bidswitch.net/sync?ssp=admixer&user_id=1863ad58d2a74073a035b49766607004&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=1863ad58d2a74073a035b49766607004&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admixer&gdpr=&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dadmixer HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=805bf736f334cf19/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D270%2526expires%253D10%2526user_id%253D0E2y59DCSaVhMTYUMYYWjMbR%2526ssp%253Dadmixer HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=805bf736f334cf19/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D270%2526expires%253D10%2526user_id%253D0E2y59DCSaVhMTYUMYYWjMbR%2526ssp%253Dadmixer HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D0E2y59DCSaVhMTYUMYYWjMbR%26ssp%3Dadmixer HTTP 302
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=0E2y59DCSaVhMTYUMYYWjMbR&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=84967be5-4e0b-4a6a-9be1-46769893db78&gdpr=&consent=&gdpr_pd=

Request Chain 88

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 105

https://gum.criteo.com/sid/json?origin=publishertag&domain=buhoblik.org.ua&sn=ChromeSyncframe&so=0&topUrl=www.buhoblik.org.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=hpFLYnxYSGFWNDF6ZEk2SHVvUHVIY3lMWUJUbkJQWTBieDRmZFdoWDd1dmtJRWhha3ovSGVkZll3NmIwbmJEeURtUXpyS21xRzVQcmo3bjZaWUtmczFrRFF4MkE2SENVNEdXaWNEN0lLSlBZa2lrKy9vUDc0R1JLQnFlVDNzakUySWEyWWViODVWaGNnWXd0TElsbDZKYm01MjhEYlRTblF4aHVvSzY1czRYaGo4MVJMTmY5QWJBYlVyZS91YjJpMXZoYnRpZm9wY2hkaDcrVThVUDBLK3RJdGdLQUFiRWkvK0JrRm9saFBkYXptVERIWks0NGhrVXA5dlNDdXBXczdrT3BWYUZlS2NrZDJHSGIzSzkycy85QVlwZz09fA&cppv=2

102 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.buhoblik.org.ua/
Redirect Chain

http://buhoblik.org.ua/
https://buhoblik.org.ua/
https://www.buhoblik.org.ua/

85 KB
15 KB

387ms
323ms

Document
text/html

2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 525b3ccc055a1bf89b7782ef779570dc6b61d8bf607bb7cfc07443e55dc38a5a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
content-encoding: gzip
content-length: 15373
content-type: text/html; charset=utf-8
date: Tue, 25 Oct 2022 02:02:43 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Tue, 25 Oct 2022 02:02:43 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-ray: p953:0.180/wn25401:0.180/wa25401:D=177415

Redirect headers

cache-control: max-age=0
content-length: 236
content-type: text/html; charset=iso-8859-1
date: Tue, 25 Oct 2022 02:02:43 GMT
expires: Tue, 25 Oct 2022 02:02:43 GMT
location: https://www.buhoblik.org.ua/
server: nginx
x-ray: p953:0.010/wn25401:0.000/wa25401:D=3228

GET
H2 200 937d2c2ee43bca358b9b71d8167863c767f6a3e64cf2ba0703a7f07c0a987df3.css
www.buhoblik.org.ua/media/com_jchoptimize/cache/css/ 161 KB
23 KB 149ms
147ms Stylesheet
text/css 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buhoblik.org.ua/media/com_jchoptimize/cache/css/937d2c2ee43bca358b9b71d8167863c767f6a3e64cf2ba0703a7f07c0a987df3.css
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:43 GMT
x-ray: p953:0.000/wn25401:0.000/
content-encoding: br
last-modified: Sat, 15 Oct 2022 17:58:43 GMT
server: nginx
etag: W/"634af4d3-28387"
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 24 Nov 2022 02:02:43 GMT

GET
H2 200 937d2c2ee43bca358b9b71d8167863c7fe11058a8effe382178f5c9b88baefc8.js Show response
www.buhoblik.org.ua/media/com_jchoptimize/cache/js/ 137 KB
44 KB 292ms
291ms Script
application/javascript 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buhoblik.org.ua/media/com_jchoptimize/cache/js/937d2c2ee43bca358b9b71d8167863c7fe11058a8effe382178f5c9b88baefc8.js
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 377d27d86822418762eb956a7d4eec9823d6a9d3fd6f6d3ca0d63fdf374a0b69

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:43 GMT
x-ray: p953:0.011/wn25401:0.000/
content-encoding: br
last-modified: Sat, 15 Oct 2022 17:58:43 GMT
server: nginx
etag: W/"634af4d3-223b2"
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 24 Nov 2022 02:02:43 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

129ms
41ms

Script
text/javascript

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 06:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 25 Oct 2022 06:23:52 GMT

Redirect headers

date: Tue, 25 Oct 2022 02:02:43 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Tue, 25 Oct 2022 02:32:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 167ms
78ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69618242a2b800b7dbce5d7fc9a55c818ede86c99d0fcb65bbb6406f795da5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55236
x-xss-protection: 0
server: cafe
etag: 2227404035212449465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 02:02:44 GMT

GET
H2 200 list_black.png
www.buhoblik.org.ua/images/ 417 B
634 B 73ms
72ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/list_black.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
x-ray: p953:0.000/wn25401:0.000/
last-modified: Thu, 27 Aug 2015 18:43:06 GMT
server: nginx
etag: "55df5a3a-1a1"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 417
expires: Thu, 24 Nov 2022 02:02:44 GMT

GET
H2 200 youtube-32.png
www.buhoblik.org.ua/images/ 918 B
1 KB 73ms
72ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/youtube-32.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
x-ray: p953:0.000/wn25401:0.000/
last-modified: Sat, 21 Mar 2020 22:41:20 GMT
server: nginx
etag: "5e769810-396"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 918
expires: Thu, 24 Nov 2022 02:02:44 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 148ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5630956766216465

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19392e586d8d5cde9d88deb36bf86d690ece77016dfa2de4081676b99de4534c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Origin: https://www.buhoblik.org.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55215
x-xss-protection: 0
server: cafe
etag: 7278335234133637749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 02:02:44 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 556ms
118ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Tue, 25 Oct 2022 02:02:44 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:39 GMT
server: nginx
etag: W/"63049f2f-2c101"
x-cached-since: 2022-10-25T02:01:27+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Tue, 23 Aug 2022 09:45:59 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 131ms
41ms Script
text/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 01:51:04 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 700
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 25 Oct 2022 03:51:04 GMT

GET
H2 200 module-main3.png
www.buhoblik.org.ua/images/ 70 KB
70 KB 73ms
72ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/module-main3.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
x-ray: p953:0.000/wn25401:0.000/
last-modified: Sun, 13 Feb 2022 17:15:45 GMT
server: nginx
etag: "62093cc1-11743"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 71491
expires: Thu, 24 Nov 2022 02:02:44 GMT

GET
H/1.1

200
OK

buhoblik_org_ua
tttttt.me/ Frame 74C0
Redirect Chain

https://xn--r1a.website/s/buhoblik_org_ua
https://tttttt.me/buhoblik_org_ua

0
0

413ms
191ms

Document
text/html

95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tttttt.me/buhoblik_org_ua

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://web.telegram.org
Strict-Transport-Security	max-age=35768000

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-control: no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors https://web.telegram.org
Content-Type: text/html; charset=utf-8
Date: Tue, 25 Oct 2022 02:02:44 GMT
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=35768000
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Cache-control: no-store
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Oct 2022 02:02:44 GMT
Location: https://tttttt.me/buhoblik_org_ua
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=35768000

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ 353 KB
116 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c28c6807bf38d37b91eb97884b6347924aeaf2ec43376582e16e43a722a1ef1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118749
x-xss-protection: 0
server: cafe
etag: 1603723259567083105
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 02:02:44 GMT

GET
H2 200 num_star.png
www.buhoblik.org.ua/images/ 2 KB
2 KB 170ms
170ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/num_star.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
x-ray: p953:0.000/wn25401:0.000/
last-modified: Tue, 03 Jan 2017 22:58:31 GMT
server: nginx
etag: "586c2c97-652"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1618
expires: Thu, 24 Nov 2022 02:02:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/ Frame 1628 10 KB
5 KB 128ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 36764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 15:50:00 GMT
etag: 9671129459699598864
expires: Mon, 07 Nov 2022 15:50:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pdf-sborniki-vnizu-115-2022.png
avto-oblik.com.ua/images/ 72 KB
72 KB 276ms
114ms Image
image/png 2001:41d0:602:3b8e::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avto-oblik.com.ua/images/pdf-sborniki-vnizu-115-2022.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:602:3b8e:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
x-ray: wn37539:0.000/
last-modified: Mon, 27 Dec 2021 15:47:26 GMT
server: nginx
etag: "61c9e00e-1201c"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 73756
expires: Thu, 24 Nov 2022 02:02:44 GMT

GET
H2 200 dovidnik-buhgaltera-238.png
www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/ 16 KB
16 KB 265ms
265ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/dovidnik-buhgaltera-238.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
x-ray: p953:0.000/wn25401:0.000/
last-modified: Wed, 26 Jul 2017 08:14:12 GMT
server: nginx
etag: "59784f54-3eb3"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16051
expires: Thu, 24 Nov 2022 02:02:44 GMT

GET
H2 200 sidebar-uchet-2021.png
www.buhoblik.org.ua/images/ 58 KB
58 KB 266ms
265ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/sidebar-uchet-2021.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 6a82502c1baab28ba6f410aa012fff53bd4f01d8de430e54589e583a0dc3ce80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
x-ray: p953:0.000/wn25401:0.000/
last-modified: Wed, 06 Apr 2022 09:28:41 GMT
server: nginx
etag: "624d5d49-e758"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 59224
expires: Thu, 24 Nov 2022 02:02:44 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 131ms
48ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1997760531&utmhn=www.buhoblik.org.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&utmhid=1478700019&utmr=-&utmp=%2F&utmht=1666663364333&utmac=UA-23922474-1&utmcc=__utma%3D21695912.802113546.1666663364.1666663364.1666663364.1%3B%2B__utmz%3D21695912.1666663364.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=624559036&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:02:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
700 B 140ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.buhoblik.org.ua&callback=_gfp_s_&client=ca-pub-5630956766216465&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b646480f4337325d42bbfabd1d398c13e979a890f5f974b272474c756038ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 202ms
50ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.buhoblik.org.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 144ms
55ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.buhoblik.org.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7607 126 KB
38 KB 572ms
489ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1666663363&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364205&bpp=7&bdt=560&idt=156&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&correlator=879915989181&frm=20&pv=2&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UarHAZHEME&p=https%3A//www.buhoblik.org.ua&dtd=178

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2e9d7b646c432646cba0cf9f31cf25c52af0e1c0b0dff89ed6ac8ac82c6b784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 39095
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:02:44 GMT
expires: Tue, 25 Oct 2022 02:02:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D60 126 KB
38 KB 568ms
516ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31f766b95dc4a759df34d63ca5516983accfdb7f25b96448d1180487fc7ecd67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 39039
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:02:44 GMT
expires: Tue, 25 Oct 2022 02:02:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE92 23 KB
10 KB 461ms
419ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1666663363&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364233&bpp=4&bdt=588&idt=189&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=E0Usdg8Y9Q&p=https%3A//www.buhoblik.org.ua&dtd=192

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0f5bffaeb764aa70680c3eb8601df393b59f9095e9f8d00207ffec66736b88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9836
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:02:44 GMT
expires: Tue, 25 Oct 2022 02:02:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A4E 0
19 B 106ms
86ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1666663363&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364241&bpp=2&bdt=596&idt=200&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C730x280&nras=1&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=1609923008&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=205

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:02:44 GMT
expires: Tue, 25 Oct 2022 02:02:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/49044/ Frame 45A4 738 B
519 B 113ms
112ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Tue, 25 Oct 2022 02:02:44 GMT
etag: W/"63049f42-2e2"
expires: Wed, 25 Oct 2023 16:09:35 GMT
last-modified: Tue, 23 Aug 2022 09:34:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-10-24T16:09:35+00:00
x-id: fr5-up-gc29

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/49044/ 23 KB
8 KB 120ms
120ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Tue, 25 Oct 2022 02:02:44 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:56 GMT
server: nginx
etag: W/"63049f40-5d41"
vary: Accept-Encoding
x-cached-since: 2022-10-03T04:11:17+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 04 Oct 2023 04:11:17 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/49044/ 75 KB
20 KB 130ms
129ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Tue, 25 Oct 2022 02:02:44 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:45 GMT
server: nginx
etag: W/"63049f35-12c39"
vary: Accept-Encoding
x-cached-since: 2022-10-04T09:29:29+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 05 Oct 2023 09:29:29 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/49044/ Frame 3368 738 B
405 B 122ms
122ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Tue, 25 Oct 2022 02:02:44 GMT
etag: W/"63049f42-2e2"
expires: Wed, 25 Oct 2023 16:09:35 GMT
last-modified: Tue, 23 Aug 2022 09:34:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-10-24T16:09:35+00:00
x-id: fr5-up-gc29

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame CE92 3 KB
1 KB 136ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1666663363&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364233&bpp=4&bdt=588&idt=189&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=E0Usdg8Y9Q&p=https%3A//www.buhoblik.org.ua&dtd=192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:20:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame CE92 17 KB
8 KB 132ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:22:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE92 152 KB
47 KB 140ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 02:02:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CE92 0
0 129ms
128ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmXpIxENXY9fcHoLOgAfToaiIA-SP0rFcl9LnhLMBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjXIAQmpAqQFQCx-67I-qAMBqgTmAU_Qq6vgedLDxZS3CQkXlTwanE5JbMGiEpwSiB2kx6Bup_RDAITM9Cy0vpkXnqvZGe_8iQsjE76XijvmHOAoQpcfo4ignCN2ykwiUKKXEjeNSc2H9xt-ipyuBLw8AWZW08KUHOsNUErLgI-HWG3nUV-g2cAIdvR5cM8Q3JpVtHBFCFohIP246BlTHUOluKJkTJXfStgfeRIJ4hhUN5D3Ryn4IFElJ3nl1j-8IzUqd8-5pN21UXWwUtxA19m681iq3UNHD2X3N9OsLPvsE8rw3c21XFllWtpgoKmp6IThqHvkZ2uorFS_gAbzsK6zzaequHSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU2MzA5NTY3NjYyMTY0NjUYAA&sigh=uCj9yxiPJeM&uach_m=[UACH]&cid=CAQSGwDq26N9Je4IO_IKVcKH2UuiKYTY7Fmc6BIl4xgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1666663363&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364233&bpp=4&bdt=588&idt=189&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=E0Usdg8Y9Q&p=https%3A//www.buhoblik.org.ua&dtd=192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Oct 2022 02:02:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Oct 2022 02:02:44 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame CE92 0
0 166ms
35ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqPSEr_6RNoFmAKH-lcYAgAAAO5igEQ3rr8m2nHJuhDDQ1dj2r-XD5mRAk0JivIAEgAA&wp=Y1dDxAAHrlcK4CcCAAoQ047BtWDY5LL6JMzLTg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 281284
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C73B 115 KB
41 KB 271ms
99ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1dDxAAHrlcK4CcCAAoQ047BtWDY5LL6JMzLTg&u=%7CZ5Goo%2BVpWEgNnI%2BkVGeghRnhd%2BacNmhYPlWXsOWy75w%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6ziEzHnRQPmm8hAoZUVgSTVfEE1P_a8vM-JQNtbjbqeExzkYPIggeJ4SwEplC44RDdppJV58ZB9iLx1ItuFnsf0t-zVzSxXH4_txoo2z3xUuw0K9dhG5Jx_tg4eduJLHULC-f5s54hTX7KsqRYT-S4DLDbNhk6PAjHAZb9hueIILFoH0lrhiJX6FF7sMzYBceLRt0ss_CU1iWGWp6Ym86WR6OFbmJJx-QQfHl5JI_Ds6KHx02ofgGt3QR03N0x25Bvkg3D0DeEVMLvs1pO3aPJ_NmS3YC5b-stuLhvPmwAbkUNsyF5AVTfyU3qHwr89sbDRTyiIolVcGdxbzVP9Do3XEv6Y0Rl_VS7rhFcng6qMxkX_VP82AEYsJIk5eW0aAYWApZRvJlkIlahdqoWJlM67BZIyBTu7CZHRaL_hyi21UwiqqPatGQSL_bsJDtlBc_r141WvZfd0-TiqIs3lVIri_tVa0t-H_EoPveb_9SA2_EvBb_iZJcyJdfp5A6mpUSsT_ooUBQE7s1jd9VmargcPVM_61IVc78Ras5LWgZecYTKb1BMkUUO8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8wRWxENXY9fcHoLOgAfToaiIA-SP0rFcl9LnhLMBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjXIAQmpAqQFQCx-67I-qAMBqgTpAU_Qq6vgedLDxZS3CQkXlTwanE5JbMGiEpwSiB2kx6Bup_RDAITM9Cy0vpkXnqvZGe_8iQsjE76XijvmHOAoQpcfo4ignCN2ykwiUKKXEjeNSc2H9xt-ipyuBLw8AWZW08KUHOsNUErLgI-HWG3nUV-g2cAIdvR5cM8Q3JpVtHBFCFohIP246BlTHUOluKJkTJXfStgfeRIJ4hhUN5D3Ryn4IFElJ3nl1j-8IzUqd8-5pN21UXWwUtxA19m681iq3QFFLvcklSGpvwnji0mUQWa2SFPZUPR4eycyjBhAF2XIf7ovRlEs039tgAbzsK6zzaequHSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2nOHUFcl5QjVB_5aYh5bNsORIVNQ%26client%3Dca-pub-5630956766216465%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5c41cbcd54360d78a2ce67dbed11965071b2efc0a84c64b28b87882c6bac3a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:02:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0TZKHm0MDN2f7-iycODq3Ehgfv7Gn4LxJ0s9DpquvccE7aeqrT3rw2xml9trkhs4NfuPRJ_PzMdeiYWt6NGlTeGMeivUYfnawUkQnB-6gCxVwTSn3c4cqu-e3kXIc7SzMevaRxEcBi8su_lwc7LCVFSdwPCJk3ib3glLkFDpfWR9LJr6V0-QUT0XHgjHK4mr_PZsT8jm6raMrksaptOpIZo5VdmEvel4zLci5sCL3NwNOfIsa0DfHkhhcGz6mWeLwMmvdw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 65175633
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ Frame 7607 8 KB
1 KB 138ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1666663363&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364205&bpp=7&bdt=560&idt=156&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&correlator=879915989181&frm=20&pv=2&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UarHAZHEME&p=https%3A//www.buhoblik.org.ua&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 01:46:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 02:02:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 7607 2 KB
984 B 58ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7607 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMhicxENXY73gINWTgQez8ZDYCrHTysZr7uCYv8kQoJaA7JACEAEg5-TyFmC7hoCA0AqgAe6wxK0ByAEJqQKkBUAsfuuyPqgDAcgDywSqBP0BT9DrdzXsCwngbljmK5FuVweZRo3gQ2qKO48kK6V-6itUrlPJjVwfhlaeG0vItJqtw7sSD5iL_f6irsnqXg_xYQP4vPKC9S27elLsUmQDC2qZv1kqAg9N3aaBmRTW_klvLdc3YeGc3TKiSYvr6Q1PUsLZOJHBACkXQgBSn4IZclLPmaoC0czKwBnOn7H-ELgoc6jwk2x-MV66FsMSapASRbgyp-FD5FrVI3XRWg_x8LoAsd-oRoz1LbLBSJj6VBTpdNbHX8UUZe6oviLy0_2-UKdzng-dyCvEiNRBDwNujkBC90w3dZ3NORbPapKasksV6zmf-tYqPJIFM1XMEsAEqJOwq4oEkgUECAQYAZIFBAgFGASgBi6AB_rOu9ICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ1cEL0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E4gE2BMK0BUBgBcBshccChoIABIUcHViLTU2MzA5NTY3NjYyMTY0NjUYAA&sigh=fxsijsAgKxQ&uach_m=[UACH]&cid=CAQSGwDq26N96ZPbOvqNI_cOsQZNvv7CVMSYboFdAhgBIA4&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1666663363&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364205&bpp=7&bdt=560&idt=156&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&correlator=879915989181&frm=20&pv=2&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UarHAZHEME&p=https%3A//www.buhoblik.org.ua&dtd=178
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Oct 2022 02:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Oct 2022 02:02:45 GMT

GET
H2 200 data=4VCZkiL6FUB6NIW64UrAvNszlYd9WeDQe7VU0s6RIqVqcFfqaI8NEedNSytGH0pzbLnhjWZibxbUmbUEzhzFVxTl7q8
mts0.google.com/vt/ Frame 7607 35 KB
35 KB 269ms
157ms Image
image/png 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=4VCZkiL6FUB6NIW64UrAvNszlYd9WeDQe7VU0s6RIqVqcFfqaI8NEedNSytGH0pzbLnhjWZibxbUmbUEzhzFVxTl7q8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7b9a02e76f447d91b9fa71fe1cfda3921b74c7cdbc8b6d957ce928f67b6060c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35423
x-xss-protection: 0
x-server-version-bin: CggIBBCB9MOaBg==
server: scaffolding on HTTPServer2
etag: 041f3238d84cf1be
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Tue, 25 Oct 2022 03:02:45 GMT

GET
DATA 200
OK truncated
/ Frame 7607 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7607 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7607 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7607 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 9D60 8 KB
968 B 75ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 01:48:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 02:02:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 9D60 2 KB
902 B 161ms
74ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 9D60 23 KB
9 KB 126ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 9D60 3 KB
1 KB 139ms
74ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:20:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 9D60 17 KB
7 KB 137ms
51ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:22:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 7607 23 KB
9 KB 118ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 7607 2 KB
902 B 147ms
72ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 7607 3 KB
1 KB 148ms
73ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:20:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 7607 17 KB
7 KB 139ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:22:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7607 152 KB
46 KB 188ms
104ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 02:02:45 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 7607 33 KB
14 KB 125ms
42ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 00:51:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9D60 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuZCAxENXY5feIMiVgAfKy624CbHTysZr7uCYv8kQoJaA7JACEAEg5-TyFmC7hoCA0AqgAe6wxK0ByAEJqQKkBUAsfuuyPqgDAcgDywSqBIYCT9CJjlCjyQyJ9w1Ai6ufHS02ommMH7blMJS3q49iACUkXa1KZy7rITyJVt7VuSBYrgedVenO3AQbOvZgSbXrQCo6G9gknIOsXGMVh5iBn39ZiqNKLVJdhxJWpSmhHlfVjk6hULXEaAfEq7gqcfoymCIk78Dlpan15ZZACkWWlAz9jTXxOlmH9HibHO6yrLEfraP2ok1czUn0aqIRqexnx0U9nLSOHO6t99TY6kTHyvCr6399n902NoCeSzupPZXMD5r-jlJUR1WQpCbbs9fgj9nJfRk5i6JXSEENhDibhF5SeHPxkAeIlsz_74Xxx3Iz9Z2X4AiifF3S6gXQJNWj0ZTNnPkl08AEqJOwq4oEkgUECAQYAZIFBAgFGASgBi6AB_rOu9ICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3-ED0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E4gE2BMK0BUBgBcBshccChoIABIUcHViLTU2MzA5NTY3NjYyMTY0NjUYAA&sigh=BPm6Q7s2nqQ&uach_m=[UACH]&cid=CAQSGwDq26N9wVo7TpBhCjZBef6zRBwtJwsZDgDe4RgBIA4&template_id=520

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Oct 2022 02:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D60 152 KB
46 KB 120ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 02:02:45 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 9D60 33 KB
14 KB 108ms
40ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 00:51:45 GMT

GET
H2 200 data=0X-33M1uqZYb-qRqJh9cJSh9V5s5-xhCcI8vJc3BtgPvMRQrh_VeMy7tkMluRWgVd0Oh97dL8qov0AqxvDfVQ35Tf5AJ
mts0.google.com/vt/ Frame 9D60 37 KB
37 KB 240ms
204ms Image
image/png 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=0X-33M1uqZYb-qRqJh9cJSh9V5s5-xhCcI8vJc3BtgPvMRQrh_VeMy7tkMluRWgVd0Oh97dL8qov0AqxvDfVQ35Tf5AJ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d8de35279b292a4eb7bc04d92d6f1a55a55c05ae1be7cd413dcec1a9955b3b06

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=125
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37560
x-xss-protection: 0
x-server-version-bin: CggIBBCB9MOaBg==
server: scaffolding on HTTPServer2
etag: 09984003c3f420537
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Tue, 25 Oct 2022 03:02:45 GMT

GET
DATA 200
OK truncated
/ Frame 9D60 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9D60 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9D60 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9D60 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CE92 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a468c5e6aebcd7c6ae7292c8b27b5807cfe6881e67bba3a8250333c678607ee9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 4 KB
2 KB 168ms
77ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8738837712351986&cpv=3f7e79e1-506d-2761-2c11-fe86e6de8d35&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22648ed8d4-d9c4-0e0c-394d-6508293d5f93%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.buhoblik.org.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22549bda89-dd41-1b41-ab7e-6a45103204cc%22%2C%22tagid%22%3A%22dab6be62-b1e7-4d05-a12c-0a70b3291504%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_dab6be62b1e74d05a12c0a70b3291504_zone_1393_sect_956_site_943%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

16b04d867dfb5435d7e0005f1a402994d14486aa57c8dd9e31430bcefcd5263d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 02:02:45 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 1626
X-Xss-Protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C73B 2 KB
1 KB 146ms
65ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1dDxAAHrlcK4CcCAAoQ047BtWDY5LL6JMzLTg&u=%7CZ5Goo%2BVpWEgNnI%2BkVGeghRnhd%2BacNmhYPlWXsOWy75w%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6ziEzHnRQPmm8hAoZUVgSTVfEE1P_a8vM-JQNtbjbqeExzkYPIggeJ4SwEplC44RDdppJV58ZB9iLx1ItuFnsf0t-zVzSxXH4_txoo2z3xUuw0K9dhG5Jx_tg4eduJLHULC-f5s54hTX7KsqRYT-S4DLDbNhk6PAjHAZb9hueIILFoH0lrhiJX6FF7sMzYBceLRt0ss_CU1iWGWp6Ym86WR6OFbmJJx-QQfHl5JI_Ds6KHx02ofgGt3QR03N0x25Bvkg3D0DeEVMLvs1pO3aPJ_NmS3YC5b-stuLhvPmwAbkUNsyF5AVTfyU3qHwr89sbDRTyiIolVcGdxbzVP9Do3XEv6Y0Rl_VS7rhFcng6qMxkX_VP82AEYsJIk5eW0aAYWApZRvJlkIlahdqoWJlM67BZIyBTu7CZHRaL_hyi21UwiqqPatGQSL_bsJDtlBc_r141WvZfd0-TiqIs3lVIri_tVa0t-H_EoPveb_9SA2_EvBb_iZJcyJdfp5A6mpUSsT_ooUBQE7s1jd9VmargcPVM_61IVc78Ras5LWgZecYTKb1BMkUUO8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8wRWxENXY9fcHoLOgAfToaiIA-SP0rFcl9LnhLMBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjXIAQmpAqQFQCx-67I-qAMBqgTpAU_Qq6vgedLDxZS3CQkXlTwanE5JbMGiEpwSiB2kx6Bup_RDAITM9Cy0vpkXnqvZGe_8iQsjE76XijvmHOAoQpcfo4ignCN2ykwiUKKXEjeNSc2H9xt-ipyuBLw8AWZW08KUHOsNUErLgI-HWG3nUV-g2cAIdvR5cM8Q3JpVtHBFCFohIP246BlTHUOluKJkTJXfStgfeRIJ4hhUN5D3Ryn4IFElJ3nl1j-8IzUqd8-5pN21UXWwUtxA19m681iq3QFFLvcklSGpvwnji0mUQWa2SFPZUPR4eycyjBhAF2XIf7ovRlEs039tgAbzsK6zzaequHSgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2nOHUFcl5QjVB_5aYh5bNsORIVNQ%26client%3Dca-pub-5630956766216465%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 20 Oct 2023 02:02:45 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame C73B 2 KB
1 KB 116ms
35ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 20 Oct 2023 02:02:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C73B 308 B
637 B 112ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 20 Oct 2023 02:02:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C73B 293 B
621 B 143ms
66ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 20 Oct 2023 02:02:45 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame C73B 43 B
348 B 223ms
40ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=JGYH-uz1Vo3kZa8TYixG90SYqzv3fHW4sDJ0LrAey9Hva1r_vupdROxu31elRCWl3aM6YD-fhH2ShGt4kTLU_2GzoiAjkC4CMHsFwhqGWFQGNobMiAIuNhjEerTn9ImlDYLSU58mlm8QgbhdwH13kWC8MprYjvmlM6vJUHM5XSL7njIAmMVI65B0bmtv5qxR_ADc9Y6pH7EURCfdcW9Sh2mxVq39i1ElGE150Qd_Ixo33aqurTOP_9gK40HyGB8Pv9ZMAuJ8prDe2dyx-ZItYQCHRij4msSMypIziXDXTO5LUFpzErh-PDu2-ldWZqJh0iswGt2DVwsKlXwGbzL6BfATooDecdDquRaQpm8dZBcJU7F6HBoITukK6uN9iEK3ySpTs3AEH4kzvE66V04YFJysWSlKeAAJ1NXlA_FmMHOQtJo2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:02:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3719174
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7607 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cd4635278e6c8fd7a3e4661d4b8d3b56188fdac6530ffe9436f728ab2e1645a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9D60 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22e52b4109b0cac289869a7f7b25b2d41654a4c0e0ee5c00070bac103ab0a22c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C73B 12 KB
6 KB 77ms
38ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 20 Oct 2023 02:02:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C73B 6 KB
6 KB 147ms
34ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=91673&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91673%2F221021%2F5cce6c31675a45a19f4daa2d5d22493b_cp_logo_black.png&v=3&w=196&s=b-2XxnMh5Q_94nRvWYaYzFrb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

55b8b6b9e38188973e7153ffe51bd0baa56b598748fb660f6f97886c324e260b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30814291
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5976
expires: Mon, 16 Oct 2023 17:34:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C73B 363 KB
363 KB 178ms
66ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=91673&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91673%2F221021%2F3739ce8795c241e39fc2df1d2e303ae8_1200_x_1200.jpg&v=3&w=1200&s=_iob_349Hbitn0ZeGs4zfiOR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6d8370076f2b4471066e263ed7f5039a1880f012d5d4db36c1d6242d9426d83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30814984
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 371576
expires: Mon, 16 Oct 2023 17:45:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C73B 9 KB
10 KB 177ms
65ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91673&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1231%2F7584%2Fproducts%2F210824_CPNY_Ecom_S57_002Resize.jpg%3Fv%3D1642783880&v=3&w=400&s=ZKl6AJEGUuHL7lAZ39ehI8sd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6ccab9b805add5293e248551a859cfd730f15ed0504a1b58cca58ee0994f4ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29582423
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9702
expires: Mon, 02 Oct 2023 11:23:08 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C73B 0
128 B 222ms
35ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=0TZKHm0MDN2f7-iycODq3Ehgfv7Gn4LxJ0s9DpquvccE7aeqrT3rw2xml9trkhs4NfuPRJ_PzMdeiYWt6NGlTeGMeivUYfnawUkQnB-6gCxVwTSn3c4cqu-e3kXIc7SzMevaRxEcBi8su_lwc7LCVFSdwPCJk3ib3glLkFDpfWR9LJr6V0-QUT0XHgjHK4mr_PZsT8jm6raMrksaptOpIZo5VdmEvel4zLci5sCL3NwNOfIsa0DfHkhhcGz6mWeLwMmvdw&sds=2&rev=83303&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:02:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C73B 2 KB
1 KB 47ms
36ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 20 Oct 2023 02:02:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C73B 2 KB
1 KB 35ms
35ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 20 Oct 2023 02:02:45 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9D60 28 KB
28 KB 131ms
40ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 13748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:13:37 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9D60 14 KB
14 KB 195ms
105ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:23 GMT
x-content-type-options: nosniff
age: 355582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:16:23 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7607 28 KB
28 KB 159ms
82ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 13748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:13:37 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7607 14 KB
14 KB 197ms
120ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:23 GMT
x-content-type-options: nosniff
age: 355582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:16:23 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 121 KB
40 KB 37ms
36ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-1e444"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Oct 2022 02:02:45 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 152ms
37ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.buhoblik.org.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.buhoblik.org.ua
date: Tue, 25 Oct 2022 02:02:45 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=533&code=1863ad58d2a74073a035b49766607004
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D1863ad58d2a74073a035b49766607004

43 B
848 B

41ms
41ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D1863ad58d2a74073a035b49766607004

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 02:02:45 GMT
AN-X-Request-Uuid: e54093ff-eed9-4ff8-8e03-6aafc33f5d94
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 02:02:45 GMT
AN-X-Request-Uuid: 6a01e1c6-95ac-455c-ba2c-3d963b72685b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D1863ad58d2a74073a035b49766607004
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 307ms
34ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
content-length: 0

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 264ms
60ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=1863ad58d2a74073a035b49766607004
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 25 Oct 2022 02:02:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=1863ad58d2a74073a035b49766607004&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=1863ad58d2a74073a035b49766607004&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admixer&gdpr=&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dadmixer
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=805bf736f334cf19/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=805bf736f334cf19/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26g...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D0E2y59DCSaVhMTYUMYYWjMbR%26ssp%3Dadmixer
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=0E2y59DCSaVhMTYUMYYWjMbR&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=84967be5-4e0b-4a6a-9be1-46769893db78&gdpr=&consent=&gdpr_pd=

43 B
463 B

40ms
40ms

Image
image/gif

146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=84967be5-4e0b-4a6a-9be1-46769893db78&gdpr=&consent=&gdpr_pd=

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 02:02:46 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Location: //inv-nets.admixer.net/bs/cm.aspx?id=84967be5-4e0b-4a6a-9be1-46769893db78&gdpr=&consent=&gdpr_pd=
Date: Tue, 25 Oct 2022 02:02:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

36ms
36ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Oct 2022 02:02:45 GMT, Tue, 25 Oct 2022 02:02:45 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Tue, 25 Oct 2022 02:02:45 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 227 B
472 B 217ms
42ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=91853949325

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f9a0f2f4731c0f3a269abda8c26c1663824fc3c92ee63771de7b70bc8608919a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.buhoblik.org.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.buhoblik.org.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 198

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 48ms
48ms Image
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=1863ad58d2a74073a035b49766607004&zone=DAB6BE62-B1E7-4D05-A12C-0A70B3291504&device=28&rule=A115463E-E95D-4D45-91E3-2BE636EF4375&requestId=b6f87f58-7d70-49c3-bb6d-aa3c971ac3e9&hp=-967666016&page=www.buhoblik.org.ua%2F&segments=6%2C2%2C496&ts=638022601652151875&ap=MA%3D%3D&asign=168064329&sync=88%2C3&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=1A4D80BD-B81F-427C-A6F6-12DD363AA495&inst=ADS-EU-6&pxl=0&pvid=023ecd64-eafc-4a9b-b6eb-1982857beb5e&ip=217.138.196.101&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 25 Oct 2022 02:02:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BD2 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1666663363&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364225&bpp=3&bdt=579&idt=187&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=YzUGpm1v6o&p=https%3A//www.buhoblik.org.ua&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 14:38:55 GMT

GET
H3 200 uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7EE9 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 14:38:55 GMT

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/49044/ 28 KB
11 KB 116ms
114ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:35:01 GMT
server: nginx
etag: W/"63049f45-702f"
vary: Accept-Encoding
x-cached-since: 2022-10-04T09:19:33+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 05 Oct 2023 09:19:33 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/49044/ 42 KB
18 KB 125ms
124ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:35:02 GMT
server: nginx
etag: W/"63049f46-a793"
vary: Accept-Encoding
x-cached-since: 2022-10-24T16:09:37+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 25 Oct 2023 16:09:37 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/49044/ 13 KB
5 KB 133ms
132ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:54 GMT
server: nginx
etag: W/"63049f3e-326c"
vary: Accept-Encoding
x-cached-since: 2022-10-04T09:29:33+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 05 Oct 2023 09:29:33 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/49044/ 11 KB
4 KB 129ms
129ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:52 GMT
server: nginx
etag: W/"63049f3c-2a79"
vary: Accept-Encoding
x-cached-since: 2022-10-10T16:11:27+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 11 Oct 2023 16:11:27 GMT

GET
H2 200 5927ef40e4a80e0040be.b.js Show response
cdn.admixer.net/scripts3/49044/ 215 KB
74 KB 143ms
142ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/5927ef40e4a80e0040be.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Tue, 25 Oct 2022 02:02:45 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:51 GMT
server: nginx
etag: W/"63049f3b-35ac7"
vary: Accept-Encoding
x-cached-since: 2022-10-24T16:09:35+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 25 Oct 2023 16:09:35 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
220 B 36ms
35ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.buhoblik.org.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 02:02:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.buhoblik.org.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 42ms
42ms Image
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=1863ad58d2a74073a035b49766607004&zone=DAB6BE62-B1E7-4D05-A12C-0A70B3291504&device=28&rule=A115463E-E95D-4D45-91E3-2BE636EF4375&requestId=b6f87f58-7d70-49c3-bb6d-aa3c971ac3e9&hp=-967666016&page=www.buhoblik.org.ua%2F&segments=6%2C2%2C496&ts=638022601652151875&ap=MA%3D%3D&asign=168064329&sync=88%2C3&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=1A4D80BD-B81F-427C-A6F6-12DD363AA495&inst=ADS-EU-6&pxl=0&pvid=023ecd64-eafc-4a9b-b6eb-1982857beb5e&ip=217.138.196.101&item=B980198E-7D27-4345-9615-F31943C77F0C&crid=B980198E-7D27-4345-9615-F31943C77F0C&size=240x400&profile=346392F6-218B-4A4F-8151-E8B46F15EB2A&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 25 Oct 2022 02:02:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 56ms
55ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e900655af8e21dd0d1d38e2043dfcdcbb6a64aa4da6db3e92acb1d350c54aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11256
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6A43 15 KB
6 KB 105ms
35ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.buhoblik.org.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:02:45 GMT
server: Kestrel
server-processing-duration-in-ticks: 733555
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 02:02:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 344E 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 26860
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 18:35:06 GMT
expires: Tue, 24 Oct 2023 18:35:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4357 783 B
1 KB 140ms
50ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e7dfac5b1fda674afcd0870bb76663f75aafaa122d98be59c5d843e4c994540f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E71NnzBYvVNCX9er08pA5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-E71NnzBYvVNCX9er08pA5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:02:46 GMT
expires: Tue, 25 Oct 2022 02:02:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6A43
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=buhoblik.org.ua&sn=ChromeSyncframe&so=0&topUrl=www.buhoblik.org.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=hpFLYnxYSGFWNDF6ZEk2SHVvUHVIY3lMWUJUbkJQWTBieDRmZFdoWDd1dmtJRWhha3ovSGVkZll3NmIwbmJEeURtUXpyS21xRzVQcmo3bjZaWUtmczFrRFF4MkE2SENVNEdXaWNEN0lLSlBZa2lrKy9vUDc0R1JLQnFlVD...

425 B
654 B

129ms
39ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hpFLYnxYSGFWNDF6ZEk2SHVvUHVIY3lMWUJUbkJQWTBieDRmZFdoWDd1dmtJRWhha3ovSGVkZll3NmIwbmJEeURtUXpyS21xRzVQcmo3bjZaWUtmczFrRFF4MkE2SENVNEdXaWNEN0lLSlBZa2lrKy9vUDc0R1JLQnFlVDNzakUySWEyWWViODVWaGNnWXd0TElsbDZKYm01MjhEYlRTblF4aHVvSzY1czRYaGo4MVJMTmY5QWJBYlVyZS91YjJpMXZoYnRpZm9wY2hkaDcrVThVUDBLK3RJdGdLQUFiRWkvK0JrRm9saFBkYXptVERIWks0NGhrVXA5dlNDdXBXczdrT3BWYUZlS2NrZDJHSGIzSzkycy85QVlwZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

37dad176d770deacd5f799a0588b4a96cf56ed924b3d41c2bbe4578df066e8d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:02:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2381604
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:02:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=hpFLYnxYSGFWNDF6ZEk2SHVvUHVIY3lMWUJUbkJQWTBieDRmZFdoWDd1dmtJRWhha3ovSGVkZll3NmIwbmJEeURtUXpyS21xRzVQcmo3bjZaWUtmczFrRFF4MkE2SENVNEdXaWNEN0lLSlBZa2lrKy9vUDc0R1JLQnFlVDNzakUySWEyWWViODVWaGNnWXd0TElsbDZKYm01MjhEYlRTblF4aHVvSzY1czRYaGo4MVJMTmY5QWJBYlVyZS91YjJpMXZoYnRpZm9wY2hkaDcrVThVUDBLK3RJdGdLQUFiRWkvK0JrRm9saFBkYXptVERIWks0NGhrVXA5dlNDdXBXczdrT3BWYUZlS2NrZDJHSGIzSzkycy85QVlwZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 613837
content-length: 0
expires: 0

GET
H3 200 uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js Show response
pagead2.googlesyndication.com/bg/ Frame 344E 36 KB
16 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 14:38:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4357 0
0 75ms
74ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221020&jk=3246787065745947&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 344E 0
10 B 41ms
41ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?c6C-wQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:02:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7607 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2r1INgFJKR_aLnFrf6s6R5M-RKNmY9JJ9BED_u68hRcEUF75eoZ57spdWKNUlCsMkBHmYdrVy3iyzagjSDg5PdDIzu8DDD8Rr3u_M4ZqpleXUJgkxPH-lRTfQC7Z7ZobAafZC6Q&sai=AMfl-YRFy6HAwGI5Ne7IxO_pVAzJhDj38uDuvFpGL37tgX4fdmf7ih9WpcaUujRSeqCCctNbvxqJc3TahJes7Qg&sig=Cg0ArKJSzM52CY1JhS62EAE&cid=CAQSGwDq26N96ZPbOvqNI_cOsQZNvv7CVMSYboFdAhgBIA4&id=lidar2&mcvt=1000&p=0,0,280,730&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3078983205&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666663364385&rpt=1157&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221020&jk=3246787065745947&bg=!t7SltPDNAAaaxvStusY7ACkAdvg8WjMZ8xMGuaVkAXWfcWMdCk99r0Y4SeLJf6QhdN6mstY9Ze9TJQIAAACZUgAAAANoAQeZAq6B5r7LbpR4FQKryQdv7fx5H7K7p3gjFN4j7FIU-K_Fiaz6HC35HFwwEXmbObAZrTkokfnMAkCpK3ahHX1drmYRsbWuzApIsufMqERkb2hxnQLrZBZ_OpjJmus5gazzOF_byVpLHWcpLhsQfrPoFdXDdpJKKx97xQSmZVbSObzbG_1eQTND2CkcZgrUYjiLSQI82vurJs3VdoX0yxGa8DTy39k3Foid8gq_mVuI_u9n4kF2iy4wSEUC37bKY-LP8rVEctO06MOXuCscXQxMKTSme4jhBf9ipKT0j3SDofH_qsXHMFLkdYsAG76S0GCCqQ7nalNmv6OqXqt8XBpSgEJvGVttcQZO97feZgEdXtE6ce14bAVrlZwdXt_Li-n1ZsW_Sx6sj9zGTdTluvQ52exdK4SrU_3wMpZknUGHIupwsB3NUpe9lHTCN_KkILCePWXqC15CYlU4DEviyQON5WVsJQypmV-e3ppnsrcZi5ufP6lJQ6zqDAinYf5mtZ2IwUc4fM-UEaa_V7n87ab99WXuGpPI9Ace4U231KRt2kS-ZH4DV56sDQxd7T2U3kRllzeJq-7zp_cDpQXclMuGXtBHus8mouQ_y20jFVg_U_Yu_v1H22LubDtE6T6RywZYbBhBA7rm7mBCbl1ROyQaotCttWKgkvzWSyBYTlhXPrZuxcyzWQh-6vSNlyeYRrYYu7JZXnnl_mSlhBrjNO4gyJt2dN5_-uV2_7axjh3XQzDnuubbomaBAB65z5sdLwLUITeTDKSEergVoznARS3gROerpKIm2ydCItbGhhTrCmTeOx_qwHXfCDidnufmvvcbW39QS2bGeRIzjgUdTmnxDXCrBQPhd45zT7X_se-BC-M23OjaixihGXO4E91mu5_q5Krh-c9OIq-ZUv3jruBo8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 40ms
39ms Image
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=dab6be62-b1e7-4d05-a12c-0a70b3291504

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 25 Oct 2022 02:02:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/bs	1970-01-20 09:07:19	Name: am-uid Value: 1863ad58d2a74073a035b49766607004
www.buhoblik.org.ua/	1969-12-31 23:59:59	Name: 54328dacc8285ec61fa19f90fac03db6 Value: 5965de31b8be5bfbc0ad5f9a5c23d889
.buhoblik.org.ua/	1970-01-20 16:33:43	Name: __utma Value: 21695912.802113546.1666663364.1666663364.1666663364.1
.buhoblik.org.ua/	1969-12-31 23:59:59	Name: __utmc Value: 21695912
.buhoblik.org.ua/	1970-01-20 11:20:31	Name: __utmz Value: 21695912.1666663364.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.buhoblik.org.ua/	1970-01-20 06:57:43	Name: __utmt Value: 1
.buhoblik.org.ua/	1970-01-20 06:57:45	Name: __utmb Value: 21695912.1.10.1666663364
.buhoblik.org.ua/	1970-01-20 16:19:19	Name: __gads Value: ID=f3d448f510f97c40-22b1885f54ce00d9:T=1666663364:RT=1666663364:S=ALNI_MbHQxwQGUlvHb_2ZEXudyp5PJgPrQ
.buhoblik.org.ua/	1970-01-20 16:19:19	Name: __gpi Value: UID=00000b7836cc982f:T=1666663364:RT=1666663364:S=ALNI_MadfpEpJHOozYLnH4owhYhr1K3_-A
xn--r1a.website/	1970-01-20 06:59:09	Name: stel_ssid Value: 8a584b637b23d0f617_9663940869902443357
www.buhoblik.org.ua/	1969-12-31 23:59:59	Name: Value: store.test
tttttt.me/	1970-01-20 06:59:09	Name: stel_ssid Value: 635b2ff3ea1f5d2769_15674599190078937894
.doubleclick.net/	1970-01-20 16:19:19	Name: IDE Value: AHWqTUlCZrOsm9wp4fSLyVKpL_bzp7oYBj3pUZEgrcbYfWo5Z1rn7iA8IsRDCmng37k
.admixer.net/	1970-01-20 09:07:19	Name: am-uid Value: 1863ad58d2a74073a035b49766607004
www.buhoblik.org.ua/	1970-01-20 07:07:48	Name: am-uid Value: 1863ad58d2a74073a035b49766607004
.creativecdn.com/	1970-01-20 15:43:19	Name: u Value: xfQC0HOtZbeyQZVVT05l
.creativecdn.com/	1970-01-20 15:43:19	Name: ts Value: 1666663365
.adnxs.com/	1970-01-20 09:07:19	Name: uuid2 Value: 1202194027929556947
.bidswitch.net/	1970-01-20 15:43:19	Name: tuuid Value: 84967be5-4e0b-4a6a-9be1-46769893db78
.bidswitch.net/	1970-01-20 15:43:19	Name: c Value: 1666663365
.bidswitch.net/	1970-01-20 15:43:19	Name: tuuid_lu Value: 1666663365
.onaudience.com/	1970-01-20 15:43:19	Name: cookie Value: 805bf736f334cf19
.onaudience.com/	1970-01-20 06:59:09	Name: done_redirects104 Value: 1
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.criteo.com/	1970-01-20 16:19:19	Name: uid Value: bffbbd4d-e5dc-41ac-a5aa-ea392baba8e0
.buhoblik.org.ua/	1970-01-20 16:19:19	Name: cto_bundle Value: cjbAPl82aG93U1FOemU1N0NUSDRvMjJuMm5RWHolMkJ3d2Z6U0xQNW5kbjU3QmI5cGpFVzJ4R2lRaW14T055SlN4TEc3WFlFYSUyQmg5bGZOaU83ZUxoczR1U3hPbHBGbThoVE1ZWVRrUTFRVUU4bGRWZHpkazRkMUl3Z3JjSCUyRmxpNlg2RmgxcE9vJTJCampEalFuWURvNXh4ZG41dXVxdyUzRCUzRA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1666663363&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663364233&bpp=4&bdt=588&idt=189&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&correlator=879915989181&frm=20&pv=1&ga_vid=802113546.1666663364&ga_sid=1666663364&ga_hid=1478700019&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070201%2C31070426%2C44775017&oid=2&pvsid=3246787065745947&tmod=629751224&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=E0Usdg8Y9Q&p=https%3A//www.buhoblik.org.ua&dtd=192 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	Message: Refused to frame 'https://tttttt.me/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://web.telegram.org".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
avto-oblik.com.ua
bidder.criteo.com
buhoblik.org.ua
cat.nl.eu.criteo.com
cdn.admixer.net
creativecdn.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
ib.adnxs.com
image8.pubmatic.com
inv-nets.admixer.net
m.trafmag.com
mts0.google.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-eu.onaudience.com
prebid-eu.creativecdn.com
rtb.fr.eu.criteo.com
ssl.google-analytics.com
static.criteo.net
sync.crwdcntrl.net
tpc.googlesyndication.com
tttttt.me
www.buhoblik.org.ua
www.google.com
www.google.com.ua
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xn--r1a.website
141.94.171.216
141.95.171.142
146.0.227.109
178.250.0.157
178.250.2.131
178.250.2.135
178.250.2.148
178.250.2.150
185.184.8.90
193.200.65.6
198.47.127.18
2001:41d0:602:3b8e::
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a02:2638:1::13
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
2a03:90c0:41:2801::254
2a06:6440:0:2d02::1
3.125.244.197
37.252.171.149
52.212.137.183
95.216.186.40
002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15e749617a3856bfaa4d2cea0c50d88366d2b579841bd5a45bd2d34062babc51
16b04d867dfb5435d7e0005f1a402994d14486aa57c8dd9e31430bcefcd5263d
19392e586d8d5cde9d88deb36bf86d690ece77016dfa2de4081676b99de4534c
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
22e52b4109b0cac289869a7f7b25b2d41654a4c0e0ee5c00070bac103ab0a22c
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2b646480f4337325d42bbfabd1d398c13e979a890f5f974b272474c756038ae1
31f766b95dc4a759df34d63ca5516983accfdb7f25b96448d1180487fc7ecd67
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
377d27d86822418762eb956a7d4eec9823d6a9d3fd6f6d3ca0d63fdf374a0b69
37dad176d770deacd5f799a0588b4a96cf56ed924b3d41c2bbe4578df066e8d6
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
525b3ccc055a1bf89b7782ef779570dc6b61d8bf607bb7cfc07443e55dc38a5a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b8b6b9e38188973e7153ffe51bd0baa56b598748fb660f6f97886c324e260b
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
5c41cbcd54360d78a2ce67dbed11965071b2efc0a84c64b28b87882c6bac3a65
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
69618242a2b800b7dbce5d7fc9a55c818ede86c99d0fcb65bbb6406f795da5da
6a82502c1baab28ba6f410aa012fff53bd4f01d8de430e54589e583a0dc3ce80
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ccab9b805add5293e248551a859cfd730f15ed0504a1b58cca58ee0994f4ec0
6d8370076f2b4471066e263ed7f5039a1880f012d5d4db36c1d6242d9426d83e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
7b9a02e76f447d91b9fa71fe1cfda3921b74c7cdbc8b6d957ce928f67b6060c0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56
89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd4635278e6c8fd7a3e4661d4b8d3b56188fdac6530ffe9436f728ab2e1645a
8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09
8e900655af8e21dd0d1d38e2043dfcdcbb6a64aa4da6db3e92acb1d350c54aa4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a468c5e6aebcd7c6ae7292c8b27b5807cfe6881e67bba3a8250333c678607ee9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b0f5bffaeb764aa70680c3eb8601df393b59f9095e9f8d00207ffec66736b88d
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c28c6807bf38d37b91eb97884b6347924aeaf2ec43376582e16e43a722a1ef1e
c2e9d7b646c432646cba0cf9f31cf25c52af0e1c0b0dff89ed6ac8ac82c6b784
c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd
d8de35279b292a4eb7bc04d92d6f1a55a55c05ae1be7cd413dcec1a9955b3b06
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7dfac5b1fda674afcd0870bb76663f75aafaa122d98be59c5d843e4c994540f
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f9a0f2f4731c0f3a269abda8c26c1663824fc3c92ee63771de7b70bc8608919a

www.buhoblik.org.ua Open in urlscan Pro 2a06:6440:0:2d02::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

95 %HTTPS

57 %IPv6

25 Domains

39 Subdomains

31 IPs

8 Countries

1769 kBTransfer

3831 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.buhoblik.org.ua Open in urlscan Pro
2a06:6440:0:2d02::1 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

95 %
HTTPS

57 %
IPv6

25
Domains

39
Subdomains

31
IPs

8
Countries

1769 kB
Transfer

3831 kB
Size

26
Cookies

102 HTTP transactions
11 data transactions