www.cluber.com.ua Open in urlscan Pro
136.243.78.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cluber.com.ua/
Effective URL:
http://www.cluber.com.ua/
Submission: On May 05 via api (May 5th 2022, 2:18:16 pm UTC) from GB — Scanned from GB

Summary HTTP 182 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 22 domains to perform 182 HTTP transactions. The main IP is 136.243.78.100, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.cluber.com.ua.

This is the only time www.cluber.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	136.243.78.100 136.243.78.100	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
15	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1 3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	104.102.29.173 104.102.29.173	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:fb:... 2a02:26f0:fb::5f65:5862	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:400e:810::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	54.209.199.10 54.209.199.10	14618 (AMAZON-AES) (AMAZON-AES)
6	104.90.144.34 104.90.144.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1 7	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
20	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	64.74.236.95 64.74.236.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 2	52.210.113.214 52.210.113.214	16509 (AMAZON-02) (AMAZON-02)
2	52.209.180.67 52.209.180.67	16509 (AMAZON-02) (AMAZON-02)
3 4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3 5	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:224... 2600:9000:224a:3a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
17	44.233.239.94 44.233.239.94	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	18.158.14.110 18.158.14.110	16509 (AMAZON-02) (AMAZON-02)
182	40

32 136.243.78.100 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.100.78.243.136.clients.your-server.de

cluber.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cluber.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

adncdnend.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.102.29.173 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-173.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb::5f65:5862 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.unrulyvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:810::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.199.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-199-10.compute-1.amazonaws.com

servt.unrulyvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.90.144.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-144-34.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.113.214 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-113-214.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.180.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-180-67.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.102.29.65 (Milan, Italy) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.15 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:224a:3a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 44.233.239.94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-239-94.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.14.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-14-110.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 171 pagead2.googlesyndication.com — Cisco Umbrella Rank: 119	225 KB
32	cluber.com.ua 1 redirects cluber.com.ua www.cluber.com.ua	754 KB
24	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1061 pixel.adsafeprotected.com — Cisco Umbrella Rank: 780 static.adsafeprotected.com — Cisco Umbrella Rank: 777 dt.adsafeprotected.com — Cisco Umbrella Rank: 670	191 KB
22	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 289 ad.doubleclick.net — Cisco Umbrella Rank: 246 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 354	312 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com	243 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 128 www.google.com — Cisco Umbrella Rank: 20	2 KB
7	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1701 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3413 odb.outbrain.com — Cisco Umbrella Rank: 1756 mcdp-chidc2.outbrain.com — Cisco Umbrella Rank: 7285	86 KB
6	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4301 images.outbrainimg.com — Cisco Umbrella Rank: 2374	164 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 901	4 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 316	112 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	140 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2327	51 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	40 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 326	3 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 3762 www.google.co.uk — Cisco Umbrella Rank: 2633	1 KB
3	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 142	90 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	3 KB
2	unrulyvideo.com tg1.unrulyvideo.com — Cisco Umbrella Rank: 68382 servt.unrulyvideo.com — Cisco Umbrella Rank: 32553	6 KB
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 810	648 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	24 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	azureedge.net adncdnend.azureedge.net — Cisco Umbrella Rank: 38217	3 KB
182	22

	Domain	Requested by
31	www.cluber.com.ua	www.cluber.com.ua
20	tpc.googlesyndication.com	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com www.cluber.com.ua googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
17	dt.adsafeprotected.com	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
16	pagead2.googlesyndication.com	www.cluber.com.ua c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net securepubads.g.doubleclick.net www.googletagservices.com
10	securepubads.g.doubleclick.net	www.cluber.com.ua securepubads.g.doubleclick.net
7	www.google.com	1 redirects www.cluber.com.ua c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com tpc.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	images.outbrainimg.com	widgets.outbrain.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.gstatic.com	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
5	www.googletagservices.com	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com fw.adsafeprotected.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	www.googleadservices.com www.cluber.com.ua c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
4	mc.yandex.ru	1 redirects www.cluber.com.ua
4	www.google-analytics.com	www.cluber.com.ua www.google-analytics.com www.googletagmanager.com
4	widgets.outbrain.com	adncdnend.azureedge.net widgets.outbrain.com www.cluber.com.ua
4	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	static.adsafeprotected.com	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com pixel.adsafeprotected.com
3	encrypted-tbn1.gstatic.com	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagmanager.com	1 redirects www.cluber.com.ua adncdnend.azureedge.net
3	fonts.googleapis.com	www.cluber.com.ua c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	encrypted-tbn3.gstatic.com	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
2	www.google.co.uk	www.cluber.com.ua
2	fonts.gstatic.com	fonts.googleapis.com
1	d.agkn.com	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
1	s0.2mdn.net	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	encrypted-tbn2.gstatic.com	c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
1	mcdp-chidc2.outbrain.com	widgets.outbrain.com
1	odb.outbrain.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	www.cluber.com.ua
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	servt.unrulyvideo.com	www.cluber.com.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	tg1.unrulyvideo.com	adncdnend.azureedge.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	adncdnend.azureedge.net	www.cluber.com.ua
1	cluber.com.ua	1 redirects
182	44

This site contains links to these domains. Also see Links.

Domain
www.cluber.fm
ua.cluber.com.ua
goo.gl
b76289.snzgdl.com
www.tyntec.com
greedyfinance.com
sterlingwoodrow.com
www.theconstructionindex.co.uk

Subject Issuer	Validity	Valid
www.cluber.com.ua R3	`2022-04-08` - `2022-07-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
wl2.aniview.com R3	`2022-04-10` - `2022-07-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.unrulyvideo.com Amazon	`2022-03-12` - `2023-04-10`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh

This page contains 16 frames:

Primary Page: http://www.cluber.com.ua/
Frame ID: 9394720307CDB41B7A2AD5CD4D09EE83
Requests: 83 HTTP requests in this frame

Frame: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 68C3062C77A91C0A2A6F0AACF8EE61CA
Requests: 1 HTTP requests in this frame

Frame: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 12E2CDC63EB0226135C9ADA1C6746AC9
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 88661F16C73B93B52BAF49DF21F1519F
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: EEF18D9103F5A442E95535C3479AA356
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Frame ID: 0BFC49434FEFE5C72A9C9C05C5DD288D
Requests: 1 HTTP requests in this frame

Frame: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2C127655AA05C426ABD62765FE311876
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGMvtg8YBMAE&v=APEucNVnYMpyjO3Oq5XQgZpKGMx-tl2mcxjz8moJKFKRXN1fJlr4wBhl2b7M_f-1wSYPXAej8iRHeo-sm4trv7Tce1hJOiEZAKE7tm-ZLhDMl8FGnr_5aez6GW_EUHfwBBS3QgMcaNAkv_QbYmLEnYEvKnFdDuaGMrdVmuZIePRkzws2MXR9vG4jZIsAWpGIvkGISICZY4br_QapsMxifCjNLeRIzmIQQw
Frame ID: E94BF49F8A7FFE38343405D91CB22633
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3B2EBF656A792CB92BC0D5991AC17650
Requests: 3 HTTP requests in this frame

Frame: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E757AA9AD356D940C6F68EA07B3C6FD0
Requests: 17 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: F7D7C37B0793C7DE6D3B0F6E5C4C1D92
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Frame ID: 1778595573639A25C97ED1CBD71AA415
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 26A287323A403294112C476C2D4B423C
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 1910E26F9E9C99EE5230ECAC61483A6B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DA67821F759AA1CD8ED41D69423FEA4B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61EE45304792FAE64F5DCF9BE046CBBF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Клубер — саморазвитие и личностный рост

Page URL History Show full URLs

http://cluber.com.ua/ HTTP 301
http://www.cluber.com.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

182
Requests

79 %
HTTPS

56 %
IPv6

22
Domains

44
Subdomains

40
IPs

7
Countries

2463 kB
Transfer

5526 kB
Size

40
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.cluber.fm/
Title: Радио

Search URL Search Domain Scan URL

URL: https://ua.cluber.com.ua/
Title: Українською

Search URL Search Domain Scan URL

URL: http://goo.gl/QjNC6C

Search URL Search Domain Scan URL

URL: http://goo.gl/pE8SzA

Search URL Search Domain Scan URL

URL: https://b76289.snzgdl.com/?subid1=00d7c0179f2477124a18d21bdce3f1b430&subid2=0064712b58b81c560a96e687312881790a&subid3=$publisher_id$---delimjuwe---$section_id$&subid4=outbrain-$ob_click_id$&network=outbrain&site=$section_id$&adtitle=Internet+Without+Landline%3A+Prices+in+2021+Might+Surprise+You&dpco=1&outbrainclickid=$ob_click_id$&obOrigUrl=true
Title: Internet Without Landline: Prices in 2021 Might Surprise You Sponsored: Internet Providers | Search Ads Read Next Story

Search URL Search Domain Scan URL

URL: https://www.tyntec.com/whatsapp-business-fashion-commerce-long-2022?utm_source=outbrain&utm_medium=cpc&utm_content=WhatsApp+for+Business%3A+Why+it+works+for+the+fashion+industry&utm_term=$section_name$&obOrigUrl=true
Title: WhatsApp for Business: Why it works for the fashion industry Sponsored: Tyntec Germany Read Next Story

Search URL Search Domain Scan URL

URL: https://greedyfinance.com/index.php/en/2021/06/29/elevator-footage-reveal-people-doing-the-most-outrageous-things-2/?utm_source=ob-001289aee60e96c4826c22866646990edb&utm_term=outbrain&obOrigUrl=true
Title: [Gallery] The Things People Do When They Think No One Is Watching Sponsored: Trendscatchers Read Next Story

Search URL Search Domain Scan URL

URL: http://sterlingwoodrow.com/ob-lp-6/?obOrigUrl=true
Title: Tired of being a landlord? Social Housing will get you peace of mind Sponsored: Sterling Woodrow Read Next Story

Search URL Search Domain Scan URL

URL: https://www.theconstructionindex.co.uk/news/view/increasing-transparency-for-copenhagen-metro-with-autodesks-construction-cloud?obOrigUrl=true
Title: Increasing transparency for Copenhagen Metro with Autodesk’s Construction Cloud Sponsored: Construction Index Read Next Story

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cluber.com.ua/ HTTP 301
http://www.cluber.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.googletagmanager.com/gtm.js?id=GTM-N9P22G HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-N9P22G

Request Chain 50

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 68

https://mc.yandex.ru/watch/10889689?wmode=7&page-url=http%3A%2F%2Fwww.cluber.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A1719%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1541483668205%3Ahid%3A514343027%3Az%3A0%3Ai%3A20220505141809%3Aet%3A1651760290%3Ac%3A1%3Arn%3A107579335%3Arqn%3A1%3Au%3A1651760290429665923%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651760287389%3Ads%3A1057%2C43%2C46%2C45%2C214%2C0%2C%2C321%2C2%2C%2C%2C%2C1901%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651760290%3At%3A%D0%9A%D0%BB%D1%83%D0%B1%D0%B5%D1%80%20%E2%80%94%20%D1%81%D0%B0%D0%BC%D0%BE%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D0%B8%20%D0%BB%D0%B8%D1%87%D0%BD%D0%BE%D1%81%D1%82%D0%BD%D1%8B%D0%B9%20%D1%80%D0%BE%D1%81%D1%82&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/10889689/1?wmode=7&page-url=http%3A%2F%2Fwww.cluber.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A1719%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1541483668205%3Ahid%3A514343027%3Az%3A0%3Ai%3A20220505141809%3Aet%3A1651760290%3Ac%3A1%3Arn%3A107579335%3Arqn%3A1%3Au%3A1651760290429665923%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651760287389%3Ads%3A1057%2C43%2C46%2C45%2C214%2C0%2C%2C321%2C2%2C%2C%2C%2C1901%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651760290%3At%3A%D0%9A%D0%BB%D1%83%D0%B1%D0%B5%D1%80%20%E2%80%94%20%D1%81%D0%B0%D0%BC%D0%BE%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D0%B8%20%D0%BB%D0%B8%D1%87%D0%BD%D0%BE%D1%81%D1%82%D0%BD%D1%8B%D0%B9%20%D1%80%D0%BE%D1%81%D1%82&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 97

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdk9zhjYsp-dxxmHlxR5Ss&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdk9zhjYsp-dxxmHlxR5Ss&google_cver=1&C=1

Request Chain 117

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnPco4FeMT2o6ddtbiVT-AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdk9zhjYsp-dxxmHlxR5Ss&google_cver=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOVokl_Bh7cZml3vZcbzbeg&google_cver=1

Request Chain 119

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ3Nzc1MjUwNzAyMDIyNTg5MQ%3D%3D

Request Chain 139

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/995085/61697692/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fwww.cluber.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ecc204ef-9ea8-2154-28cf-26711f693071,c:bKxdX5,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-578cdd6bcc-mdr2l,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:t4Y9QIT+11%7C1211%7C13%7C14*.995085-61697692%7C141%7C142%7C15,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:3158c704-cc7e-11ec-8822-ba90dc0dd000,v:19.8.306,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js

182 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.cluber.com.ua/
Redirect Chain

http://cluber.com.ua/
http://www.cluber.com.ua/

96 KB
23 KB

1147ms
46ms

Document
text/html

136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 898212261216437a8707ede3e06c7d809af4a7cd9e42a708561c3fa307de418a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 May 2022 14:18:08 GMT
Last-Modified: Thu, 05 May 2022 06:44:40 GMT
Link: <http://www.cluber.com.ua/wp-json/>; rel="https://api.w.org/"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: HIT

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Thu, 05 May 2022 14:18:07 GMT
Location: http://www.cluber.com.ua/
Server: nginx

GET
H/1.1 200
OK autoptimize_2e01c992f7798fe909914e218cb6bead.css
www.cluber.com.ua/wp-content/cache/autoptimize/css/ 314 KB
54 KB 226ms
90ms Stylesheet
text/css 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cluber.com.ua/wp-content/cache/autoptimize/css/autoptimize_2e01c992f7798fe909914e218cb6bead.css
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 7fbebed2c826e300b4dda9308c237929ddc66c4cb568b1124dacb167152db1af

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 04:03:39 GMT
Server: nginx
ETag: W/"624fb41b-4e943"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Jun 2022 14:18:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 140ms
50ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700&subset=cyrillic&display=swap

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c67b016da9140e2ad22751a94eeb3beb5d2c9e6c2ba99ed970bf2d6ee8c225df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 May 2022 13:37:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 May 2022 14:18:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 May 2022 14:18:08 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.cluber.com.ua/wp-includes/js/jquery/ 87 KB
31 KB 230ms
95ms Script
application/javascript 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cluber.com.ua/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jul 2021 08:51:04 GMT
Server: nginx
ETag: W/"60f7dff8-15db1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Jun 2022 14:18:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 147ms
55ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

c994f317d1a0b1dc2a3d383f388190d7c262513e7f830a8d0e1ebb40b4cc62cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28484
x-xss-protection: 0
server: sffe
etag: "1205 / 615 of 1000 / last-modified: 1651748848"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 May 2022 14:18:09 GMT

GET
H/1.1 200
OK logo-c-hd-uat.png
www.cluber.com.ua/wp-content/uploads/2022/03/ 20 KB
20 KB 47ms
46ms Image
image/png 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cluber.com.ua/wp-content/uploads/2022/03/logo-c-hd-uat.png
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 1205c99781cfba4734dda4147ff18e4404a3d89d5cbf12b92c5a9919ef5fd4d4

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Wed, 16 Mar 2022 15:32:56 GMT
Server: nginx
ETag: "62320328-4ecb"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20171
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK autoptimize_43dc917812909abc65b4ea2be08b3c32.js Show response
www.cluber.com.ua/wp-content/cache/autoptimize/js/ 336 KB
85 KB 65ms
65ms Script
application/javascript 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cluber.com.ua/wp-content/cache/autoptimize/js/autoptimize_43dc917812909abc65b4ea2be08b3c32.js
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 7b251bafc96a595143baae84e0436a84112231a385a0fd52209767a6e1b89d9b

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2022 04:12:30 GMT
Server: nginx
ETag: W/"624fb62e-541c7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H2 200 cluber.adn.js Show response
adncdnend.azureedge.net/adtags/ 7 KB
3 KB 303ms
68ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adncdnend.azureedge.net/adtags/cluber.adn.js
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C3B) /
Resource Hash: e954aa8d98119b72b7482237d7fb4bb4f5f7e521ac076d5824e085ec3c9ae51f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 May 2022 14:18:09 GMT
content-encoding: gzip
content-md5: alnpCfbk6muahs39ZrQLDA==
age: 84787
x-cache: HIT
content-length: 2401
x-ms-lease-status: unlocked
last-modified: Mon, 18 Apr 2022 08:17:09 GMT
server: ECAcc (mil/6C3B)
etag: 0x8DA2113D57C0E16
vary: Accept-Encoding
content-type: text/javascript
x-ms-request-id: 6daa255a-901e-00a7-49c5-5fe09f000000
cache-control: max-age=86400
x-ms-version: 2009-09-19
expires: Fri, 06 May 2022 14:18:09 GMT

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-N9P22G
https://www.googletagmanager.com/gtm.js?id=GTM-N9P22G

129 KB
50 KB

144ms
55ms

Script
application/javascript

2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9P22G

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27e12d1470465af58498a1c53568b10bd416dac1d5dfdbd82b8104d89709fa93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50536
x-xss-protection: 0
last-modified: Thu, 05 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 May 2022 14:18:09 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-N9P22G
Date: Thu, 05 May 2022 14:18:09 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK content-writing.png
www.cluber.com.ua/wp-content/uploads/2019/06/ 13 KB
14 KB 55ms
54ms Image
image/png 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2019/06/content-writing.png
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 86447f33ea3b82ac2866255dbe8a35a1e3989250def2b595ed3394141668e60f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Wed, 12 Jun 2019 02:46:06 GMT
Server: nginx
ETag: "5d00676e-34d4"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13524
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK film.png
www.cluber.com.ua/wp-content/uploads/2019/06/ 32 KB
32 KB 92ms
45ms Image
image/png 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2019/06/film.png
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 2ceda467bde5570a54cbe67976369eae64c1ccd62b5aa7131b4b5e3a658e0f32

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Wed, 12 Jun 2019 03:02:24 GMT
Server: nginx
ETag: "5d006b40-7e4e"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32334
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 24 KB
24 KB 193ms
99ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.cluber.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 142232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:47:37 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 115ms
42ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.cluber.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 142382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:45:07 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4635b997acab6fc12365287b5d1c747bbb1948f1fa117a3c5fa55295f7c6b5a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58b260544fc7ef6e3661961990a966104672beea4fcadf1857eccd43269b39f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK book.png
www.cluber.com.ua/wp-content/uploads/2019/06/ 11 KB
11 KB 62ms
44ms Image
image/png 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2019/06/book.png
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: ffb66e159093948f8dd57a1982ddad6573df743e1031f0e8242ac157309bd370

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Wed, 12 Jun 2019 03:43:56 GMT
Server: nginx
ETag: "5d0074fc-2c21"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11297
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK radio.png
www.cluber.com.ua/wp-content/uploads/2019/06/ 15 KB
16 KB 87ms
44ms Image
image/png 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2019/06/radio.png
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 2706adfce2919caa273516d67e6b43fc0b6f1656b4426c0e0863e066e439fc8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Wed, 12 Jun 2019 03:59:33 GMT
Server: nginx
ETag: "5d0078a5-3ddc"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15836
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK bg_wood-min.jpg
www.cluber.com.ua/wp-content/uploads/2019/06/ 74 KB
74 KB 92ms
43ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2019/06/bg_wood-min.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: fa33c257696cb6ac7481e6713ac847f3ef1e40bed0025cc46a746827b95ef048

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Sat, 22 Jun 2019 20:19:51 GMT
Server: nginx
ETag: "5d0e8d67-127b5"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75701
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK flag-end.png
www.cluber.com.ua/wp-content/uploads/2019/06/ 137 B
439 B 93ms
44ms Image
image/png 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2019/06/flag-end.png
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: c6c2cebba0d227142e9efc2ede4d73a453bce2a60800bc620de966cb29933537

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Fri, 14 Jun 2019 20:48:52 GMT
Server: nginx
ETag: "5d040834-89"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK 3-1.jpg
www.cluber.com.ua/wp-content/uploads/2022/05/ 115 KB
115 KB 77ms
44ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/05/3-1.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 7468f1c1347e6ce4779f620e1d84fc22bec20c5ec956da4a234fbea39b970818

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Wed, 04 May 2022 20:05:02 GMT
Server: nginx
ETag: "6272dc6e-1cb05"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117509
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK fbcitata4_brightline.jpg
www.cluber.com.ua/wp-content/uploads/2014/05/ 67 KB
67 KB 48ms
48ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2014/05/fbcitata4_brightline.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: b1972f37154e020c7cc53c26f67be947b4a074569d11c34f9d2906c379b55cd5

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Thu, 20 Oct 2016 19:03:28 GMT
Server: nginx
ETag: "58091500-10b8c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68492
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET wpshop-core.ttf
www.cluber.com.ua/wp-content/themes/reboot/assets/fonts/ 0
0

GET
H/1.1 200
OK 4-335x220.jpg
www.cluber.com.ua/wp-content/uploads/2022/05/ 18 KB
18 KB 47ms
47ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/05/4-335x220.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 42337e6a328cdfc80f50ac032086c6f35b10ee171726bd851b6a9e5b9dc6ff01

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Tue, 03 May 2022 12:01:53 GMT
Server: nginx
ETag: "627119b1-47ec"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18412
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK 3-335x220.jpg
www.cluber.com.ua/wp-content/uploads/2022/05/ 13 KB
13 KB 46ms
45ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/05/3-335x220.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 78a4d25d24f0c1f12d39d1f65bcf8052c6eb09211088042b52fc113e32636b70

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Mon, 02 May 2022 20:08:32 GMT
Server: nginx
ETag: "62703a40-3458"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13400
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK para1-335x220.jpg
www.cluber.com.ua/wp-content/uploads/2022/05/ 8 KB
9 KB 45ms
44ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/05/para1-335x220.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 4a6ae44af061c5fdf8c6f1afa12091b59d352d07aa23e9304d700bf9a8da7f8b

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Sun, 01 May 2022 19:47:34 GMT
Server: nginx
ETag: "626ee3d6-21a4"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8612
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK ovcza-335x220.jpg
www.cluber.com.ua/wp-content/uploads/2022/04/ 18 KB
18 KB 46ms
45ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/04/ovcza-335x220.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a42c6ecdf807763d71a67dc90549e8a9c6fd5797d61082d4133ccc0a4079c3c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Sun, 01 May 2022 11:49:00 GMT
Server: nginx
ETag: "626e73ac-482c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18476
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK evrei-335x220.jpg
www.cluber.com.ua/wp-content/uploads/2022/04/ 18 KB
19 KB 54ms
52ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/04/evrei-335x220.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 341ea150f411846a959e40da87e8bd99bacc0d50590e1c9dcca01c1a0fc39933

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Sat, 30 Apr 2022 13:04:00 GMT
Server: nginx
ETag: "626d33c0-48ed"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18669
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK mona1-335x220.jpg
www.cluber.com.ua/wp-content/uploads/2022/04/ 14 KB
15 KB 54ms
53ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/04/mona1-335x220.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 5b3e2c7d679ead89a431a94d9bdb8cf9bd8b4b5ed315913c5ed785381469094c

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Fri, 29 Apr 2022 20:14:20 GMT
Server: nginx
ETag: "626c471c-38fd"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14589
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK 55-335x220.jpg
www.cluber.com.ua/wp-content/uploads/2022/04/ 13 KB
13 KB 53ms
52ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/04/55-335x220.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 542e3a95fe0161944c7c677a9e65af1eb2d73fae389e129857aa442c97c1c3c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Fri, 29 Apr 2022 13:10:52 GMT
Server: nginx
ETag: "626be3dc-329f"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12959
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK 06-335x220.jpg
www.cluber.com.ua/wp-content/uploads/2022/04/ 14 KB
14 KB 49ms
49ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/04/06-335x220.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: b561e1dc035e664b054a9f010fbbe8df7695850e6756d9c509f27f5942385dfc

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Wed, 27 Apr 2022 20:29:12 GMT
Server: nginx
ETag: "6269a798-3871"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14449
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK nepara-335x220.jpg
www.cluber.com.ua/wp-content/uploads/2022/04/ 18 KB
19 KB 64ms
59ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/04/nepara-335x220.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 9d02af80784e6a6afa0df16a375b03d55197745245979b0ec41150472acd1032

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Wed, 27 Apr 2022 10:45:22 GMT
Server: nginx
ETag: "62691ec2-492b"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18731
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK 44-335x220.jpg
www.cluber.com.ua/wp-content/uploads/2022/04/ 9 KB
10 KB 50ms
47ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/04/44-335x220.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 5ca4bb9bf5068c7e41b47699530565348d8f05c685ef43b6d47cb3aae520f711

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Mon, 25 Apr 2022 20:11:21 GMT
Server: nginx
ETag: "62670069-24d0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9424
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK frankl-335x220.jpg
www.cluber.com.ua/wp-content/uploads/2022/04/ 14 KB
14 KB 49ms
47ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2022/04/frankl-335x220.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 075ecf08427ce2a4f3079bf299fc0d0203ff3afbdc06b7b1ca91d01560f95d6f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Sun, 24 Apr 2022 15:20:52 GMT
Server: nginx
ETag: "62656ad4-36b0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14000
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK shaolin-100x100.jpg
www.cluber.com.ua/wp-content/uploads/2019/06/ 3 KB
3 KB 49ms
48ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2019/06/shaolin-100x100.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 7b7fc297c80ff6f238c24f7a909de2d1352c2e2dba7b59fb035ad2c0a9bba409

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Tue, 18 Jun 2019 19:17:37 GMT
Server: nginx
ETag: "5d0938d1-a5f"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2655
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK 7vs-170x115.jpg
www.cluber.com.ua/wp-content/uploads/2015/03/ 6 KB
7 KB 48ms
47ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2015/03/7vs-170x115.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8f4d53d7bd02fd87b02b01ad4f8bcdb6befaaad64c044b0d2a36e1ff91aee16a

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Thu, 20 Oct 2016 19:10:51 GMT
Server: nginx
ETag: "580916bb-18e0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6368
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK faces-170x115.jpg
www.cluber.com.ua/wp-content/uploads/2015/02/ 4 KB
4 KB 51ms
50ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2015/02/faces-170x115.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 64f2c54bf52b994ee8f02a0d288c56a3edc398c9d74e11bed2521f0d6a4d93ba

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Thu, 20 Oct 2016 19:07:41 GMT
Server: nginx
ETag: "580915fd-1043"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4163
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK steve-170x110.jpg
www.cluber.com.ua/wp-content/uploads/2014/05/ 7 KB
7 KB 48ms
47ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2014/05/steve-170x110.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: d6ca9968880b5ba3ea9724c53b4e78c2c85e9bc62e74c54f149c0b954fbe5135

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Thu, 20 Oct 2016 19:03:28 GMT
Server: nginx
ETag: "58091500-1bf1"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7153
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK um-170x115.jpg
www.cluber.com.ua/wp-content/uploads/2014/01/ 4 KB
5 KB 47ms
45ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2014/01/um-170x115.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 20bdff18f6d2f5f6667c1f48cd18f5485c6b3faeff136362a81da04c7810e782

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Fri, 17 Nov 2017 23:54:40 GMT
Server: nginx
ETag: "5a0f76c0-11cd"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4557
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK 2165821-170x111.jpg
www.cluber.com.ua/wp-content/uploads/2012/10/ 6 KB
6 KB 47ms
46ms Image
image/jpeg 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2012/10/2165821-170x111.jpg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 6d3a2e2f588db02dabe812fd57166efde023870f39d40a1754765a65402e2f1c

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Thu, 20 Oct 2016 19:06:08 GMT
Server: nginx
ETag: "580915a0-1789"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6025
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H/1.1 200
OK logo-c-sm.png
www.cluber.com.ua/wp-content/uploads/2019/06/ 18 KB
18 KB 44ms
43ms Image
image/png 136.243.78.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cluber.com.ua/wp-content/uploads/2019/06/logo-c-sm.png
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: HTTP/1.1
Server: 136.243.78.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e49013e2afc2de6bf861b213fef53f70ec2486a4a65df1a5c9a5d8ab31231da5

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Last-Modified: Tue, 11 Jun 2019 18:22:16 GMT
Server: nginx
ETag: "5cfff158-469d"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18077
Expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H2 200 pubads_impl_2022050401.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 47ms
45ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

463f3a36ad85e31f7b490397a006aeb2b9ebcaa9929f50c35fb766e6ee3005a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127725
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 May 2023 10:28:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 97 B
110 B 135ms
51ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cluber.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

22e235b460ca1fc6a3d0e32561ddcfc41e69d352d8f2f9f948dcb945ae0b8b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 14:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
expires: Thu, 05 May 2022 14:18:09 GMT

GET wpshop-core.woff
www.cluber.com.ua/wp-content/themes/reboot/assets/fonts/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 175ms
50ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.cluber.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 14:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 142ms
51ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cluber.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 14:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 184 KB
47 KB 532ms
531ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1939229987496703&correlator=3765691102173323&eid=31067238%2C31067437%2C44742767%2C31060032%2C31064018&output=ldjh&gdfp_req=1&vrg=2022050401&ptt=17&impl=fif&iu_parts=339474670%3A32290400%2CCluber%2CCluber_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1061387363&sfv=1-0-38&ecs=20220505&ists=1&fas=8&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1651760289474&lmt=1651733080&dlt=1651760288753&idt=671&biw=1600&bih=1200&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&url=http%3A%2F%2Fwww.cluber.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=985734967.1651760289&ga_sid=1651760289&ga_hid=2036488410&ga_fc=false&btvi=-1&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c5bfa7c10bc5d4f1664e5c4a02fa48ee7ae2f1eebf572efc379a7c757ad81c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48470
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.cluber.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 68C3 6 KB
4 KB 185ms
56ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.cluber.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 14:18:09 GMT
expires: Fri, 05 May 2023 14:18:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022050401.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 42ms
41ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022050401.js?cb=31067437

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

877dad25e454ef04b32f440bc3618926fed0ec5fa1e849b656649bd7bd9762c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 04 May 2022 11:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13424
x-xss-protection: 0
last-modified: Wed, 04 May 2022 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 May 2023 11:06:01 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 199 KB
69 KB 216ms
66ms Script
application/x-javascript 104.102.29.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/cluber.adn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-173.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0332c961f04b513638cd90044e7bfd8d7ec820543cec9c65260e974464eb8f12

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:09 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 08:16:48 GMT
etag: "17-UxFAZnvfwXBhBCJDSdBwPk96lx0"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 6475cb770ef5b0b8eddf3f60e6f15845
timing-allow-origin: *, *
content-length: 70190

GET
H/1.1 200
OK spt Show response
tg1.unrulyvideo.com/api/adserver/ 21 KB
6 KB 311ms
69ms Script
text/javascript 2a02:26f0:fb::5f65:5862
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.unrulyvideo.com/api/adserver/spt?AV_TAGID=619ba515a690193254144b2f&AV_PUBLISHERID=60a3c2197d9c9c6df4030da6
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/cluber.adn.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f65:5862 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 55b75a149373bf3e25e6fa3f99fd8be9f4229bb87526bce2e8e226fdf63d9c87

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 5938
Expires: Thu, 05 May 2022 14:23:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 134ms
52ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-213652305-88

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/cluber.adn.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

057107bbb34d90b0919a2984a3b85c0cf2c42a2eea160c1318e552b836b659c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40760
x-xss-protection: 0
last-modified: Thu, 05 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 May 2022 14:18:09 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

113ms
39ms

Script
text/javascript

2a00:1450:400e:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Server

2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1157
date: Thu, 05 May 2022 13:58:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 05 May 2022 15:58:52 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 108ms
52ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-N9P22G

Protocol

HTTP/1.1

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 05 May 2022 14:18:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2710672821686371805
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 14865
X-XSS-Protection: 0
Expires: Thu, 05 May 2022 14:18:09 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 139 KB
50 KB 367ms
176ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d2bc2e5ffa4b7261c2ac1a6eceb1c454980dafd0e52ba285a3c8add76ce786b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:09 GMT
content-encoding: br
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-c55c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50524
expires: Thu, 05 May 2022 15:18:09 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 732ms
732ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1939229987496703&correlator=3765691102173323&eid=31067238%2C31067437%2C44742767%2C31060032%2C31064018&output=ldjh&gdfp_req=1&vrg=2022050401&ptt=17&impl=fif&iu_parts=339474670%3A32290400%2CCluber%2CSection&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90&ifi=2&adks=2299119687&sfv=1-0-38&ecs=20220505&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1651760289524&lmt=1651733080&dlt=1651760288753&idt=671&biw=1600&bih=1200&adxs=250&adys=2680&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&url=http%3A%2F%2Fwww.cluber.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1100x0&msz=1100x0&fws=4&ohw=1600&ga_vid=985734967.1651760289&ga_sid=1651760289&ga_hid=2036488410&ga_fc=false&btvi=1&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

08478dd20fc28e743ca9934eef10e257180cfcf9c011350d56be818cf9d8ea4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10265
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.cluber.com.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 975ms
974ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1939229987496703&correlator=3765691102173323&eid=31067238%2C31067437%2C44742767%2C31060032%2C31064018&output=ldjh&gdfp_req=1&vrg=2022050401&ptt=17&impl=fif&iu_parts=339474670%3A32290400%2CCluber%2Cmini_2_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&adks=225352322&sfv=1-0-38&ecs=20220505&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1651760289531&lmt=1651733080&dlt=1651760288753&idt=671&biw=1600&bih=1200&adxs=436&adys=1110&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&url=http%3A%2F%2Fwww.cluber.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=985734967.1651760289&ga_sid=1651760289&ga_hid=2036488410&ga_fc=false&btvi=0&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b5c76d91f496bbc498336d87521d2db982b0341de6b389d5669537f6dc93f4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8971
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.cluber.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 111 KB
34 KB 1343ms
1342ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1939229987496703&correlator=3765691102173323&eid=31067238%2C31067437%2C44742767%2C31060032%2C31064018&output=ldjh&gdfp_req=1&vrg=2022050401&ptt=17&impl=fif&iu_parts=339474670%3A32290400%2CCluber%2CATF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=4&adks=949738897&sfv=1-0-38&ecs=20220505&fsapi=false&sc=0&cookie_enabled=1&abxe=1&dt=1651760289535&lmt=1651733080&dlt=1651760288753&idt=671&biw=1600&bih=1200&adxs=250&adys=578&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&url=http%3A%2F%2Fwww.cluber.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1100x0&msz=1100x0&fws=4&ohw=1600&ga_vid=985734967.1651760289&ga_sid=1651760289&ga_hid=2036488410&ga_fc=false&btvi=0&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c56c3c420940795160b8b84d5e04e44ffcef1b55cf2f4f02594c575ade30b5cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34306
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.cluber.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 110ms
38ms XHR
text/plain 2a00:1450:400e:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2036488410&t=pageview&_s=1&dl=http%3A%2F%2Fwww.cluber.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%BB%D1%83%D0%B1%D0%B5%D1%80%20%E2%80%94%20%D1%81%D0%B0%D0%BC%D0%BE%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D0%B8%20%D0%BB%D0%B8%D1%87%D0%BD%D0%BE%D1%81%D1%82%D0%BD%D1%8B%D0%B9%20%D1%80%D0%BE%D1%81%D1%82&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=607040990&gjid=913982783&cid=985734967.1651760289&tid=UA-27047610-1&_gid=157585369.1651760290&_r=1&gtm=2wg540N9P22G&z=1025501386

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.cluber.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.cluber.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1062051119/ 3 KB
2 KB 147ms
55ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1062051119/?random=1651760289706&cv=9&fst=1651760289706&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fwww.cluber.com.ua%2F&tiba=%D0%9A%D0%BB%D1%83%D0%B1%D0%B5%D1%80%20%E2%80%94%20%D1%81%D0%B0%D0%BC%D0%BE%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D0%B8%20%D0%BB%D0%B8%D1%87%D0%BD%D0%BE%D1%81%D1%82%D0%BD%D1%8B%D0%B9%20%D1%80%D0%BE%D1%81%D1%82&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

057f89f6b1a7c618d9380bbd11d43771325141cba30546020b698df36f346920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1081
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 67ms
38ms XHR
text/plain 2a00:1450:400e:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2036488410&t=pageview&_s=1&dl=http%3A%2F%2Fwww.cluber.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%BB%D1%83%D0%B1%D0%B5%D1%80%20%E2%80%94%20%D1%81%D0%B0%D0%BC%D0%BE%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D0%B8%20%D0%BB%D0%B8%D1%87%D0%BD%D0%BE%D1%81%D1%82%D0%BD%D1%8B%D0%B9%20%D1%80%D0%BE%D1%81%D1%82&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABAAAAAC~&jid=1416825167&gjid=181110430&cid=985734967.1651760289&tid=UA-213652305-88&_gid=157585369.1651760290&_r=1&gtm=2ou540&z=200897947

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.cluber.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.cluber.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 62ms
34ms Script
text/javascript 2a00:1450:400e:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-213652305-88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1157
date: Thu, 05 May 2022 13:58:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 05 May 2022 15:58:52 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
446 B 107ms
35ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27047610-1&cid=985734967.1651760289&jid=607040990&gjid=913982783&_gid=157585369.1651760290&_u=YAhAAEAAAAAAAC~&z=723012722

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.cluber.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 05 May 2022 14:18:09 GMT
content-type: text/plain
access-control-allow-origin: http://www.cluber.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
servt.unrulyvideo.com/ 0
71 B 394ms
117ms Image
text/plain 54.209.199.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.unrulyvideo.com/track?pid=60a3c2197d9c9c6df4030da6&cid=619ba3c81d31bc085c26d980&cb=1651760289812&r=www.cluber.com.ua&stagid=619ba515a690193254144b2f&stplid=619ba2d0104433662f57ab68&d35=&e=playerLoaded
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.199.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-199-10.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK d3d3LmNsdWJlci5jb20udWE= Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
463 B 151ms
47ms XHR
application/json 104.90.144.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmNsdWJlci5jb20udWE=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.144.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-144-34.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 05 May 2022 14:18:09 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=22361
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 50b4a27d58229fa07cadf9cae7175d7
Content-Length: 16
Expires: Thu, 05 May 2022 20:30:50 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 87ms
55ms Image
image/gif 104.102.29.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:09 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sat, 04 Jun 2022 14:18:09 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1062051119/ 42 B
548 B 142ms
53ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1062051119/?random=1651760289706&cv=9&fst=1651759200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=http%3A%2F%2Fwww.cluber.com.ua%2F&tiba=%D0%9A%D0%BB%D1%83%D0%B1%D0%B5%D1%80%20%E2%80%94%20%D1%81%D0%B0%D0%BC%D0%BE%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D0%B8%20%D0%BB%D0%B8%D1%87%D0%BD%D0%BE%D1%81%D1%82%D0%BD%D1%8B%D0%B9%20%D1%80%D0%BE%D1%81%D1%82&async=1&fmt=3&is_vtc=1&random=2472985016&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/1062051119/ 42 B
548 B 158ms
54ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/1062051119/?random=1651760289706&cv=9&fst=1651759200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=http%3A%2F%2Fwww.cluber.com.ua%2F&tiba=%D0%9A%D0%BB%D1%83%D0%B1%D0%B5%D1%80%20%E2%80%94%20%D1%81%D0%B0%D0%BC%D0%BE%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D0%B8%20%D0%BB%D0%B8%D1%87%D0%BD%D0%BE%D1%81%D1%82%D0%BD%D1%8B%D0%B9%20%D1%80%D0%BE%D1%81%D1%82&async=1&fmt=3&is_vtc=1&random=2472985016&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 109ms
68ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27047610-1&cid=985734967.1651760289&jid=607040990&_u=YAhAAEAAAAAAAC~&z=1113610429

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
107 B 121ms
66ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-27047610-1&cid=985734967.1651760289&jid=607040990&_u=YAhAAEAAAAAAAC~&z=1113610429

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/10889689/
Redirect Chain

https://mc.yandex.ru/watch/10889689?wmode=7&page-url=http%3A%2F%2Fwww.cluber.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A1719%3Afu%3A0%3Aen%3Autf-8%3A...
https://mc.yandex.ru/watch/10889689/1?wmode=7&page-url=http%3A%2F%2Fwww.cluber.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A1719%3Afu%3A0%3Aen%3Autf-8%...

338 B
420 B

89ms
88ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/10889689/1?wmode=7&page-url=http%3A%2F%2Fwww.cluber.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A1719%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1541483668205%3Ahid%3A514343027%3Az%3A0%3Ai%3A20220505141809%3Aet%3A1651760290%3Ac%3A1%3Arn%3A107579335%3Arqn%3A1%3Au%3A1651760290429665923%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651760287389%3Ads%3A1057%2C43%2C46%2C45%2C214%2C0%2C%2C321%2C2%2C%2C%2C%2C1901%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651760290%3At%3A%D0%9A%D0%BB%D1%83%D0%B1%D0%B5%D1%80%20%E2%80%94%20%D1%81%D0%B0%D0%BC%D0%BE%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D0%B8%20%D0%BB%D0%B8%D1%87%D0%BD%D0%BE%D1%81%D1%82%D0%BD%D1%8B%D0%B9%20%D1%80%D0%BE%D1%81%D1%82&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

12f908ce14d33debedc48668fd87bec3cf0300afc6725dc2738dd80fd912ee03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 05-May-2022 14:18:10 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.cluber.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Thu, 05-May-2022 14:18:10 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:10 GMT
last-modified: Thu, 05-May-2022 14:18:10 GMT
location: /watch/10889689/1?wmode=7&page-url=http%3A%2F%2Fwww.cluber.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A1719%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1541483668205%3Ahid%3A514343027%3Az%3A0%3Ai%3A20220505141809%3Aet%3A1651760290%3Ac%3A1%3Arn%3A107579335%3Arqn%3A1%3Au%3A1651760290429665923%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651760287389%3Ads%3A1057%2C43%2C46%2C45%2C214%2C0%2C%2C321%2C2%2C%2C%2C%2C1901%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651760290%3At%3A%D0%9A%D0%BB%D1%83%D0%B1%D0%B5%D1%80%20%E2%80%94%20%D1%81%D0%B0%D0%BC%D0%BE%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D0%B8%20%D0%BB%D0%B8%D1%87%D0%BD%D0%BE%D1%81%D1%82%D0%BD%D1%8B%D0%B9%20%D1%80%D0%BE%D1%81%D1%82&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://www.cluber.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 05-May-2022 14:18:10 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 91ms
91ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 05 May 2022 15:18:10 GMT

GET
H3 200 container.html Show response
c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 12E2 6 KB
3 KB 125ms
42ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.cluber.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 14:18:09 GMT
expires: Fri, 05 May 2023 14:18:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ 36 KB
12 KB 402ms
283ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=http%3A%2F%2Fwww.cluber.com.ua%2F&idx=0&rand=26607&key=ADNIMKAJDGAG4GAO6AGG6H5KP&widgetJSId=READNXT_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=0&py=4187&vpd=2987&cw=1600&activeTab=true&darkMode=false&settings=true&recs=true&version=2000701&sig=WnHCcH18&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=http%3A%2F%2Fwww.cluber.com.ua%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 70dc9ba66806e5ad344c317370a5fd7a80691dd29ac8f9aa5df647e615b3fbdd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, CHI, FRA, Europe2
x-timer: S1651760290.271417,VS0,VE243
accept-ranges: bytes
x-served-by: cache-chi-kigq8000048-CHI, cache-fra19164-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 1c05f7eb59ac61e6ba2369973588bfbe
content-encoding: gzip
content-length: 12437
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 12E2 2 KB
537 B 136ms
50ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 May 2022 12:55:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 May 2022 14:18:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 May 2022 14:18:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8866 8 KB
892 B 116ms
51ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 May 2022 12:59:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 May 2022 14:18:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 May 2022 14:18:10 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame 8866 2 KB
983 B 203ms
106ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 14:12:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/ Frame 8866 19 KB
8 KB 182ms
88ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/abg_lite_fy2021.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a569c3e3ca972c5d43cbb411466c5754962f821d3cb996d879775acdf0bf5f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 12:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7970
x-xss-protection: 0
server: cafe
etag: 7848051674375673991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 12:31:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame 8866 3 KB
1 KB 200ms
107ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/window_focus_fy2021.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 14:12:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8866 120 KB
37 KB 60ms
53ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 May 2022 14:18:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame 8866 15 KB
6 KB 193ms
100ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0e7c44952ddcc2591ef2fc3ef2b99fc6623fa8a02e8f4c04957362695f91dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6374
x-xss-protection: 0
server: cafe
etag: 12872279909177429123
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 14:07:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8866 0
0 136ms
48ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrMWOGa1Y4ZdZlObwHlPho_R4tg6mdggVRm1TFhTqVlMcwyO_g1VwoH2ik1_boCBGFk_5M
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 8866 30 KB
13 KB 145ms
46ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Mon, 02 May 2022 20:52:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 12:17:25 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/elements/html/ Frame 12E2 19 KB
8 KB 175ms
90ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9adcbce27a94f1a18dbded1b0024b427af2f13ae66d9390dacae83017cd3e460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 04 May 2022 22:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8227
x-xss-protection: 0
server: cafe
etag: 1301743315790764339
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 22:54:37 GMT

GET
H2 200 more_vert_white_48dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 12E2 233 B
550 B 137ms
48ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/more_vert_white_48dp.png

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 04 May 2022 08:45:37 GMT
x-content-type-options: nosniff
age: 106353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 May 2023 08:45:37 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 12E2 205 B
294 B 137ms
49ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:11:36 GMT
x-content-type-options: nosniff
age: 394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 May 2023 14:11:36 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 12E2 604 B
695 B 138ms
50ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 07:05:09 GMT
x-content-type-options: nosniff
age: 25981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 May 2023 07:05:09 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame EEF1 222 KB
62 KB 157ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 352000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EEF1 16 KB
6 KB 226ms
112ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 351999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:31 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EEF1 96 KB
29 KB 232ms
118ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 532012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Apr 2023 10:31:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EEF1 5 KB
2 KB 247ms
133ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 532012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 29 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Apr 2023 10:31:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame EEF1 42 KB
13 KB 247ms
134ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 352000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sun, 01 May 2022 12:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 01 May 2023 12:31:30 GMT

GET
DATA 200
OK truncated
/ Frame EEF1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e4f685beaaa7ec6500896c7d8a028a9d65fb7c75c35f37d68c802e1f537c127

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7044585311221013173
tpc.googlesyndication.com/simgad/ Frame EEF1 26 KB
26 KB 79ms
45ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7044585311221013173?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmnAtvkjbKgwMzEBqjRlgrIuhTU0A

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7ff41e59f1413fd5c8a8d34830c5af4defa6a9a6d5583ea4c97cc5df9d64810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 17:33:17 GMT
x-content-type-options: nosniff
age: 506693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26436
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:47:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Apr 2023 17:33:17 GMT

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EEF1 3 KB
3 KB 131ms
97ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 05:59:37 GMT
x-content-type-options: nosniff
server: cafe
age: 29913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6726277462267614359
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Fri, 06 May 2022 05:59:37 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EEF1 344 B
807 B 75ms
42ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 27116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 06 May 2022 06:46:14 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EEF1 0
0 87ms
87ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFDTkodxzYpyHOZH_gQfKlpbQC9Ssvt5pqZuDxcwPi_rz_QgQASDln-4sYLuGgIDQCqABzd6WsSjIAQKpAqC086gJH4M-4AIAqAMByAMIqgT7AU_Q-S7dwlfnjm14g4sWJAm1-uleFutHWyAZuiTc5f2MDd7wM29BAdMKuglHo01vEDMkXVhJ6L6V9adA5LCx6Ta_bn8eW6vGRFwDHcThcoO7JtsWhPFMqo05boqFirWiOA0e4Y0dQ3afp8hvJAV3ZBUiZ2mwb8i6_XNNXjo3ubdykXP8My5_9OBK1IGeNvu9vlyDA3J7lg_hINr83sDaZcPqXW15_Fu0c3TUgUX2PTaYI93nE5-ww24KuCyWQiXjvsGVONyI_CxKNsoa9DmdVFQEFpUMjGA8LbD8m0zIC643h7CU4EJuMQ9800a37rL_1ngw0yULbMLNlD0MwATj0Lu68QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHzZbnkAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDViwrSCAkIgOGAEBABGB2ACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItODU3MzMyNTk0MDE1MjY5NBiuiyI&sigh=wOHsxw0y2_s&uach_m=[UACH]
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BFC 35 KB
14 KB 144ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 21:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 21:13:20 GMT

GET
H3 200 container.html Show response
c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2C12 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.cluber.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 14:18:09 GMT
expires: Fri, 05 May 2023 14:18:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EEF1
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

111ms
103ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: H3
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Date: Thu, 05 May 2022 14:18:10 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control: private
Content-Length: 0
X-XSS-Protection: 0

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 467ms
116ms Fetch
text/plain 64.74.236.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=6423147662957c5744e413c86d5fbfbc_10621_1651760290451&tm=762&eT=0&widgetWidth=1600&widgetHeight=0&widgetX=0&widgetY=4277&wRV=2000701&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=457&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 05 May 2022 14:18:11 GMT
content-encoding: gzip
X-TraceId: 1e8a6f1eb572cb285041fc3a20992edb
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 readNext.js Show response
widgets.outbrain.com/nanoWidget/2000701/module/ 6 KB
3 KB 56ms
55ms Script
application/x-javascript 104.102.29.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000701/module/readNext.js?e=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7f5b45625c9e45fb020b883d8af0ec35faaca2eb373f7fa7f212a9e5d64ce99a

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 08:15:08 GMT
server: AkamaiNetStorage
etag: "d4009179a3f4e1937afe1d917a1a8301:1651567324.771399"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2331
expires: Thu, 05 May 2022 18:18:10 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E94B 624 B
299 B 150ms
53ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGMvtg8YBMAE&v=APEucNVnYMpyjO3Oq5XQgZpKGMx-tl2mcxjz8moJKFKRXN1fJlr4wBhl2b7M_f-1wSYPXAej8iRHeo-sm4trv7Tce1hJOiEZAKE7tm-ZLhDMl8FGnr_5aez6GW_EUHfwBBS3QgMcaNAkv_QbYmLEnYEvKnFdDuaGMrdVmuZIePRkzws2MXR9vG4jZIsAWpGIvkGISICZY4br_QapsMxifCjNLeRIzmIQQw

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 14:18:10 GMT
expires: Thu, 05 May 2022 14:18:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2C12 27 KB
16 KB 186ms
90ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dufaqn_cmrWzaDCDgjJ1Xfq0cPFGC_2ENBr7h9U0gjtpNDf_-CAE0CK-9TLb_7v3NCpemXuPcrzDSGk4CheEmftM0rwAM8MOgNYE6p0BKxSSKQVmzfi9AFMKWNDk8D6dWDpgiywq4ukui29BbBlZvyFy5PoQ&cry=1&dbm_d=AKAmf-DlWrxH3VyrgwguXb86_OT7hiycz7gaGhO4-jfJM7wDXGghma_NmFDNYDI7f7SE0HN3rLCfgjV66kIXrWrSgLiCt3mdVh17iIQma9DqImydSgcQ89e2oNU6zQxSlnkubOkdjuPfGbJVNlZyRfSZL6zfLz6Pt08ohT7sj_rIikFRlYJWgx7g-ulUTQJ6AcmieORUJ3xunB2DRgREWFUzjXB6kln3Uc0EGL-bpB1mqq4r6nLjN9hG2tkkpH9iSUFud4FjyR_-BD8IiIOgS3MBJw9bZ-y6urDIGsuA_MCdRc0KizwNK4H__zCrv7NWoNX8G-GlerN2bFq8Kk0EqLTmToW-Ffw7luEzrByS5cIBi2d5WlvTzKqlFPR2MrjZiE7ZCfvzqufIf7O44Bkf6pe71xu6cxwZp7MJgmwGUoS7SqkQ3KljRef0DZs-6SrP6lHeVzBtBY5tohDVH8plhDYI8WUOv91B3PoXfpxqSNRlkjyGytVhA1e82b-v9i0bYDwBYva_60JDgTMD0HVTn1gThF4QgwNV2PqzxWu06Bfx42bRqMVN8Jv0nSYyQ_2CwqN2S0M7UET35k3eObX-OmIKNgKQ47Am3E1Bjf5QCkfpYmEMmNfIKwfykaU2RjTIyllCkZWqik0SOTSIMcfLL8s1x6tDENAsD6vEUEl3eQZBBAg8p-ZyqneQHkfBu57sRWuJW7ihk6OdZqbmf2tZMCAOrk8sCAQ3X8jt8NKPJM0Ty6yPoqfQHnoCxHQEtvVFNP-Ah2CDrX7ROLclYGfV0GKgxCvPCnL-p0FW9xKla8wweNEYsTWX1b2RG8ux1ZP_6Suef2Jp_BTyjSgJWqg6Wn-XaUv4TeZ06i9KxRl8lKrABN-BazLoqIA4EDqnlvdqyuyMRtvEDtDFkrQY6JXAX8uOrz32YVpc1Wm86xBPYLn0NGs5C26ov-woPVUyrp6PCntuEW8bTywomfop2FkFgXvNMkmGSM-f93T8AIoBk-Z0rPQxkp9fQwpG_Xzk-u7qSSDJsYbvt4ZMNy_yzDSdU8fMkM5GP4rjLQS3yeatrAb5nRwj8CsVIH87dwdru2KfqF3cuCZK82v6gG-ofn1S3iAL_E2XEks8HZBa7uPAbVM-Yfzyvr1Q2RAKFJsS1KOQQxF9_X5Hxm2nHrZ_0rOw2gulk509Zbyb2_yjOG8xL0sjFpNQVWeSoSdEwe6vJqX8dsh7BHNR3ikk_NDSJfzp0IhGYPtG-1XnAdUPjL_BEcJA5i8xxMCIlZqcxU2vCJ46f4VN0tnrYkYjvxLTu90XAiS-6EFhQpWAZiNa5e16zpQDeSMIC1HvlyrBJEgH3l9PV3zWCsmOGsNkpXraidgN3FZmrD_6mE8QByRZ242ZzNHcJQM8WnEhx-qG3BkcJzx5CpVgDAcipkK_lhJZm-2FC1Wr2HinGDVo5C3buiVT7JsWtc5qLXNhw6NNgLb2QGLzUma6JeH-crAMl1-xPKS7XE4eMA2FATJxQy_BayLPPKlCNNOGU3Y00sES3NvQ2ga4ns3KbkYjuRFN2x5SnRY0g5HBEXMuijFh9FlVTbP6RLXmzfITEyKiZWVoFCQEDic_6x-mltLVZ21-r9adL4VzQAZVi1hKbI3VGU0Zdh2ngpP1_FOEmF-wcrI_AWGFnNMRq6fI-tS_H1qp6Ixi3Ps_wFKAQV3Viho2dYT7duhfkZqUQuhxeyIor_KfvBF7T8jTGfPbkPTuBIzhqb0VEjBBO7H-CYa1IPsq3Hk2M8uWLIwqKcGe4ZqWnB3GRrtV13Rh9AYcH65EJtWz-tX5QTAJ-8j0-EMfGwTBtdzxPgl0BhN6bbpTHs4JJNdFujRLYJfoXasKey_5aH5yrZSoiQsg6_slsc90i1Yy4E1YAImsnG9WMyeSU_MjFoekfQLzOKkNsyaXgRqw8Hk3CuvKqx-qw9TZTkYYETte-a1VbXs3jsKQLtIiwR9kx1CpVEmy3UBi4GLuy2BIcl0szUzBNk0tb2j89nwPV6M0VSvjfWXKm9KVnzwzCgaWY1W3SpNDf-d0_RRO6LsKMVnibSKlrLiOw0N2YEZmQzFudQJ7CnF0C6S9IBXY6NEIOqd55eKtu_345UJQ71YhpRK4AWXwaieufLOSZzKsfOh9jZN9kSG3mXMLHuJcE0EyY24Mu5If13CpDNppS8aUUT_5CPy6CbR3_C1WuLuiLm3c_w5KfB_7SsUL2utv-42CpnGsrDlvr1Sm7DXW334UFyCJVdjbd1TaeZdQ8abShQHeqRGym5SQ1AOLgA0rVikhxXaHrYKgBnlUFmJNHlC77TvQUtLi5kRPKfkagG5S1dyVmchvv69MPD6tIUdE7_NxkY8sPsSWHsDzBFVM6ePm7r25uBSNDkG-MUcP1_jN2HLmbyCi5Itjc9ceVBAPCHAwBHCh-3tCK35E2VcmxbpQztQXCGZnRYq5xA61_-0rsoT6_rTqew17GYoRw5fgFDqWybI58hpERLneSt8pK5cnduLG3w59TzVhhHiBi6j4BNVcC2HRCnIt4xKrvzB3v-Y92vpFfSFHDy943xbL1Cg5lnD9UAufUYuoniy3h2hthDJMdYlZ6fqz6tYbhXCQeJJ2SdbYGSYgntoWGAhSnxOt1qJtAidNVX8rDjhw7uRepJY4EfbPCfAVBqQiBI7PhXzzqL2EOGfF26qFClxs4yRoMc3jDKdGkdQXvPHVGVg4vCkCIXHhlOQh_IxIOE5HJJRNOL7Vym9kvhAW049F3RPHJO9TI4Sddgw6GYRYkvfnQtUkVLYfqNwTx1Yy0BBf5lVfhamyUfxK-_qiJ6tgT1iTpltWY7DwUE3IYXpc_H9WlMQE9vM8HxucoV8GwFz_rMi9RsO6aUWLFYhEVDu6Ci5BpG-Aw4O4dVnJSiLvh6qUoMYS5-VFerGDtW5rlM-06ciUKClHUx2RH8NVD13sm8ck2Fr-4pVq8IHCRlDY0dem0DNecbyESxDXRqqSU05CCfnx7EyDb735w_MkED1EekfkW18hSwxVHUW5G8glTO8tRn81ZJ2Dduzp_XLBhBTf5YcUF7UMpYnpYZ8QBGz9kJw3IwxKPgoBs6wkbj09EMSAUqeFKpfcf-EYvdkES7s4OqsS4_gG_7sSbHIhJ0oQD7bW-PalygHgow-bno7MPn7_K6irEacZT9E3NGt7Fx4-Zd_qZTu5fG1anLt7rB3yddhd60pU9w_MkujOLD3vEVULS16766x8mqF4a_cMec6Zt8bztro&cid=CAQSLgCNIrLMz0OgNRLjCzyYskGHVT6EmI02tVH2fIKURKGKiyVDDy--R-_0uSmMqbM&rfl=1%2Chttp%253A%252F%252Fwww.cluber.com.ua%252F%240

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf64454b9ac07e648cebe4837c2d4a5cbc7c8028c0fcbae94002419a9a3b649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16497
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C12 42 B
286 B 75ms
73ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DmR0NnU8e3Bgy51O4zfUUhnQ-uq7TM28Tl95u8peGXz6cbbwQMluxPTkNRLGVf8JEfYkqBXYDLItbtc44hqIbhpr1vQUBF4E0NaHbAVCKfA_W4z3U

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/995085/61697692/dcm/ Frame 2C12 233 KB
71 KB 147ms
42ms Script
application/javascript 52.210.113.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/995085/61697692/dcm/dcmads.js
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.113.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-113-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f9a3aed1f008beb5b4d18b9451fa0c3aaa18d9a64e8698f47a783e8db8cd9621

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:10 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 2C12 47 KB
13 KB 153ms
48ms Script
application/javascript 52.209.180.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=55914394&pubId=1&chanId=114768606805&placementId=415299275&dealId=549644393847897261&adsafe_par&impId=ABAjH0gWTw7v4DKk-B3b9G7J-3B5&bidurl=http://www.cluber.com.ua/
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.180.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-180-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 939046f2c9b7b2a1db0ea71e683a0cde26c17c56aeb97ac9312e31709a44d962

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:10 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame 2C12 3 KB
1 KB 137ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/window_focus_fy2019.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 13:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 13:42:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C12 120 KB
37 KB 59ms
58ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 May 2022 14:18:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame 2C12 15 KB
6 KB 139ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 14:05:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2C12 0
0 52ms
52ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRh97XGxZDTW4OR-X5j6iq_2FdRFg3ZgS5A_AHP0l53MHCvjYvfmRdptCTnNMLuJXocQ2RT
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 eyJpdSI6IjhjOWI3N2MzN2UwZDg1Mzk5MThjNmYwNjcxMmMwYTJhMjlhZmFmMzkyMDZjMjYxMDk0OTY0OGZjMTczYzg5NmUiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 18 KB
18 KB 206ms
98ms Image
image/webp 104.90.144.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhjOWI3N2MzN2UwZDg1Mzk5MThjNmYwNjcxMmMwYTJhMjlhZmFmMzkyMDZjMjYxMDk0OTY0OGZjMTczYzg5NmUiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000701/module/readNext.js?e=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.144.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-144-34.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ac72f2dbf851aff5794431993956a2356259b1c059aeaada6d95b8134b65eea5

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
cache-control: max-age=1835275
last-modified: Sun, 20 Mar 2022 22:51:13 GMT
x-traceid: 8ec1934d3d2c1623a8a4486824b64c0c
timing-allow-origin: *
content-length: 18024
content-type: image/webp

GET
H2 200 eyJpdSI6ImJiNzU5ZWRjYTUyZmQ0NGQ0NTZiMThlMjYxNTNjNmJlYjJlM2NhYmVhMGQ0OTkzNzVmNjRkODQwMzVhYmQ5ZmEiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 29 KB
29 KB 203ms
96ms Image
image/webp 104.90.144.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJiNzU5ZWRjYTUyZmQ0NGQ0NTZiMThlMjYxNTNjNmJlYjJlM2NhYmVhMGQ0OTkzNzVmNjRkODQwMzVhYmQ5ZmEiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NH0.webp
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000701/module/readNext.js?e=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.144.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-144-34.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ee292ae9f7b643b9bcf42da01fd7d96285b66c5f57a5f885a55f630d906465a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
cache-control: max-age=2357711
last-modified: Tue, 05 Apr 2022 16:22:15 GMT
x-traceid: 58fcca41ec935a82b4859dc4645a9b27
timing-allow-origin: *
content-length: 29869
content-type: image/webp

GET
H2 200 eyJpdSI6IjlhYjU3MzBmNDYwMThkYWQ4YjBhMmQ5MDA5ZmEwNzZmODc0Mzg2ZGNmMzQwODdiMWMxMzk4OTQwNTUxOGQ4NjkiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 16 KB
16 KB 239ms
133ms Image
image/webp 104.90.144.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlhYjU3MzBmNDYwMThkYWQ4YjBhMmQ5MDA5ZmEwNzZmODc0Mzg2ZGNmMzQwODdiMWMxMzk4OTQwNTUxOGQ4NjkiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000701/module/readNext.js?e=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.144.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-144-34.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 67382fecc8725abb2594f3efcf0aec82fc8e1c5741571da6364299b129fe7ab0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
cache-control: max-age=1510793
last-modified: Sun, 31 Oct 2021 09:40:18 GMT
x-traceid: ad455ccd17249005ce94123750e4bc07
timing-allow-origin: *
content-length: 16422
content-type: image/webp

GET
H2 200 eyJpdSI6ImUxOGM4OGY5ZGQ5ZjRlNzEzMmNhM2VkYzY2NThmZjBmZWM2ODczYzU5Y2Q2ODE4MDVlZjVhMTQ4MzUzZDhlMDUiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 64 KB
65 KB 239ms
133ms Image
image/webp 104.90.144.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImUxOGM4OGY5ZGQ5ZjRlNzEzMmNhM2VkYzY2NThmZjBmZWM2ODczYzU5Y2Q2ODE4MDVlZjVhMTQ4MzUzZDhlMDUiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000701/module/readNext.js?e=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.144.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-144-34.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19786aba2c4cd92a79c5d9784348adc3a41451971684ccc19c00aa7045bf8636

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
cache-control: max-age=628417
last-modified: Sat, 02 Apr 2022 12:33:38 GMT
x-traceid: 388c3cf87612222d557875d2b9a7e5f1
timing-allow-origin: *
content-length: 66026
content-type: image/webp

GET
H2 200 eyJpdSI6ImMxODM4OTliOGRlOGRiOGY2NGQ2NDVjOGU5MDc0MzZlMWZkYjFjZWIwZDQwYTJkOWYwODc3M2Y3YzE4NmU5MjYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 35 KB
36 KB 153ms
47ms Image
image/webp 104.90.144.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImMxODM4OTliOGRlOGRiOGY2NGQ2NDVjOGU5MDc0MzZlMWZkYjFjZWIwZDQwYTJkOWYwODc3M2Y3YzE4NmU5MjYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000701/module/readNext.js?e=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.144.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-144-34.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 577d9cb4933dbc601e9dbbc2d5a95267858001689f7d372d9f58572341956021

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
cache-control: max-age=1834180
last-modified: Thu, 28 Apr 2022 07:13:00 GMT
x-traceid: b730b4c2a52c6b808d68f923e02f0b9d
timing-allow-origin: *
content-length: 36234
content-type: image/webp

GET
H2 200 icon-x.svg
widgets.outbrain.com/images/widgetIcons/ 497 B
800 B 67ms
66ms Image
image/svg+xml 104.102.29.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/icon-x.svg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68f9042a03dfb106098795785893fa607d2c51151b3abcb8d03484025f8eb3ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
last-modified: Sun, 01 May 2022 07:29:08 GMT
server: AkamaiNetStorage
etag: "087fa4fcfa58595ea95459f109778065:1651391307.162511"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 497
expires: Sat, 04 Jun 2022 14:18:10 GMT

GET
H2 200 icon-chevron.svg
widgets.outbrain.com/images/widgetIcons/ 579 B
883 B 69ms
69ms Image
image/svg+xml 104.102.29.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/icon-chevron.svg
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0aa0acb01b3dad7e2951b7c5d394ed8f4260b17ee26e41db30ceefbe579b3020

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:10 GMT
last-modified: Sun, 01 May 2022 07:29:08 GMT
server: AkamaiNetStorage
etag: "6766e0b105f8d44fb6b14b081c5dd045:1651391304.244844"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 579
expires: Sat, 04 Jun 2022 14:18:10 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E94B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdk9zhjYsp-dxxmHlxR5Ss&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdk9zhjYsp-dxxmHlxR5Ss&google_cver=1&C=1

43 B
1012 B

124ms
124ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdk9zhjYsp-dxxmHlxR5Ss&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGMvtg8YBMAE&v=APEucNVnYMpyjO3Oq5XQgZpKGMx-tl2mcxjz8moJKFKRXN1fJlr4wBhl2b7M_f-1wSYPXAej8iRHeo-sm4trv7Tce1hJOiEZAKE7tm-ZLhDMl8FGnr_5aez6GW_EUHfwBBS3QgMcaNAkv_QbYmLEnYEvKnFdDuaGMrdVmuZIePRkzws2MXR9vG4jZIsAWpGIvkGISICZY4br_QapsMxifCjNLeRIzmIQQw
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 14:18:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 05 May 2022 14:18:11 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 May 2022 14:18:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdk9zhjYsp-dxxmHlxR5Ss&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 05 May 2022 14:18:11 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E94B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnPco4FeMT2o6ddtbiVT-AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdk9zhjYsp-dxxmHlxR5Ss&google_cver=1

43 B
892 B

103ms
103ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdk9zhjYsp-dxxmHlxR5Ss&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGMvtg8YBMAE&v=APEucNVnYMpyjO3Oq5XQgZpKGMx-tl2mcxjz8moJKFKRXN1fJlr4wBhl2b7M_f-1wSYPXAej8iRHeo-sm4trv7Tce1hJOiEZAKE7tm-ZLhDMl8FGnr_5aez6GW_EUHfwBBS3QgMcaNAkv_QbYmLEnYEvKnFdDuaGMrdVmuZIePRkzws2MXR9vG4jZIsAWpGIvkGISICZY4br_QapsMxifCjNLeRIzmIQQw
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 14:18:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 05 May 2022 14:18:11 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdk9zhjYsp-dxxmHlxR5Ss&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E94B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOVokl_Bh7cZml3vZcbzbeg&google_cver=1

43 B
1020 B

128ms
59ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOVokl_Bh7cZml3vZcbzbeg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGMvtg8YBMAE&v=APEucNVnYMpyjO3Oq5XQgZpKGMx-tl2mcxjz8moJKFKRXN1fJlr4wBhl2b7M_f-1wSYPXAej8iRHeo-sm4trv7Tce1hJOiEZAKE7tm-ZLhDMl8FGnr_5aez6GW_EUHfwBBS3QgMcaNAkv_QbYmLEnYEvKnFdDuaGMrdVmuZIePRkzws2MXR9vG4jZIsAWpGIvkGISICZY4br_QapsMxifCjNLeRIzmIQQw

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 14:18:11 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b3b69921-d098-42fb-91ea-37d3980ad20a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOVokl_Bh7cZml3vZcbzbeg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E94B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ3Nzc1MjUwNzAyMDIyNTg5MQ%3D%3D

170 B
188 B

140ms
55ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ3Nzc1MjUwNzAyMDIyNTg5MQ%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 May 2022 14:18:10 GMT
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bbdb4038-19c2-4b5b-8f17-cf66b4fd83e2
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ3Nzc1MjUwNzAyMDIyNTg5MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220503/r20110914/ Frame 2C12 25 KB
10 KB 127ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220503/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dufaqn_cmrWzaDCDgjJ1Xfq0cPFGC_2ENBr7h9U0gjtpNDf_-CAE0CK-9TLb_7v3NCpemXuPcrzDSGk4CheEmftM0rwAM8MOgNYE6p0BKxSSKQVmzfi9AFMKWNDk8D6dWDpgiywq4ukui29BbBlZvyFy5PoQ&cry=1&dbm_d=AKAmf-DlWrxH3VyrgwguXb86_OT7hiycz7gaGhO4-jfJM7wDXGghma_NmFDNYDI7f7SE0HN3rLCfgjV66kIXrWrSgLiCt3mdVh17iIQma9DqImydSgcQ89e2oNU6zQxSlnkubOkdjuPfGbJVNlZyRfSZL6zfLz6Pt08ohT7sj_rIikFRlYJWgx7g-ulUTQJ6AcmieORUJ3xunB2DRgREWFUzjXB6kln3Uc0EGL-bpB1mqq4r6nLjN9hG2tkkpH9iSUFud4FjyR_-BD8IiIOgS3MBJw9bZ-y6urDIGsuA_MCdRc0KizwNK4H__zCrv7NWoNX8G-GlerN2bFq8Kk0EqLTmToW-Ffw7luEzrByS5cIBi2d5WlvTzKqlFPR2MrjZiE7ZCfvzqufIf7O44Bkf6pe71xu6cxwZp7MJgmwGUoS7SqkQ3KljRef0DZs-6SrP6lHeVzBtBY5tohDVH8plhDYI8WUOv91B3PoXfpxqSNRlkjyGytVhA1e82b-v9i0bYDwBYva_60JDgTMD0HVTn1gThF4QgwNV2PqzxWu06Bfx42bRqMVN8Jv0nSYyQ_2CwqN2S0M7UET35k3eObX-OmIKNgKQ47Am3E1Bjf5QCkfpYmEMmNfIKwfykaU2RjTIyllCkZWqik0SOTSIMcfLL8s1x6tDENAsD6vEUEl3eQZBBAg8p-ZyqneQHkfBu57sRWuJW7ihk6OdZqbmf2tZMCAOrk8sCAQ3X8jt8NKPJM0Ty6yPoqfQHnoCxHQEtvVFNP-Ah2CDrX7ROLclYGfV0GKgxCvPCnL-p0FW9xKla8wweNEYsTWX1b2RG8ux1ZP_6Suef2Jp_BTyjSgJWqg6Wn-XaUv4TeZ06i9KxRl8lKrABN-BazLoqIA4EDqnlvdqyuyMRtvEDtDFkrQY6JXAX8uOrz32YVpc1Wm86xBPYLn0NGs5C26ov-woPVUyrp6PCntuEW8bTywomfop2FkFgXvNMkmGSM-f93T8AIoBk-Z0rPQxkp9fQwpG_Xzk-u7qSSDJsYbvt4ZMNy_yzDSdU8fMkM5GP4rjLQS3yeatrAb5nRwj8CsVIH87dwdru2KfqF3cuCZK82v6gG-ofn1S3iAL_E2XEks8HZBa7uPAbVM-Yfzyvr1Q2RAKFJsS1KOQQxF9_X5Hxm2nHrZ_0rOw2gulk509Zbyb2_yjOG8xL0sjFpNQVWeSoSdEwe6vJqX8dsh7BHNR3ikk_NDSJfzp0IhGYPtG-1XnAdUPjL_BEcJA5i8xxMCIlZqcxU2vCJ46f4VN0tnrYkYjvxLTu90XAiS-6EFhQpWAZiNa5e16zpQDeSMIC1HvlyrBJEgH3l9PV3zWCsmOGsNkpXraidgN3FZmrD_6mE8QByRZ242ZzNHcJQM8WnEhx-qG3BkcJzx5CpVgDAcipkK_lhJZm-2FC1Wr2HinGDVo5C3buiVT7JsWtc5qLXNhw6NNgLb2QGLzUma6JeH-crAMl1-xPKS7XE4eMA2FATJxQy_BayLPPKlCNNOGU3Y00sES3NvQ2ga4ns3KbkYjuRFN2x5SnRY0g5HBEXMuijFh9FlVTbP6RLXmzfITEyKiZWVoFCQEDic_6x-mltLVZ21-r9adL4VzQAZVi1hKbI3VGU0Zdh2ngpP1_FOEmF-wcrI_AWGFnNMRq6fI-tS_H1qp6Ixi3Ps_wFKAQV3Viho2dYT7duhfkZqUQuhxeyIor_KfvBF7T8jTGfPbkPTuBIzhqb0VEjBBO7H-CYa1IPsq3Hk2M8uWLIwqKcGe4ZqWnB3GRrtV13Rh9AYcH65EJtWz-tX5QTAJ-8j0-EMfGwTBtdzxPgl0BhN6bbpTHs4JJNdFujRLYJfoXasKey_5aH5yrZSoiQsg6_slsc90i1Yy4E1YAImsnG9WMyeSU_MjFoekfQLzOKkNsyaXgRqw8Hk3CuvKqx-qw9TZTkYYETte-a1VbXs3jsKQLtIiwR9kx1CpVEmy3UBi4GLuy2BIcl0szUzBNk0tb2j89nwPV6M0VSvjfWXKm9KVnzwzCgaWY1W3SpNDf-d0_RRO6LsKMVnibSKlrLiOw0N2YEZmQzFudQJ7CnF0C6S9IBXY6NEIOqd55eKtu_345UJQ71YhpRK4AWXwaieufLOSZzKsfOh9jZN9kSG3mXMLHuJcE0EyY24Mu5If13CpDNppS8aUUT_5CPy6CbR3_C1WuLuiLm3c_w5KfB_7SsUL2utv-42CpnGsrDlvr1Sm7DXW334UFyCJVdjbd1TaeZdQ8abShQHeqRGym5SQ1AOLgA0rVikhxXaHrYKgBnlUFmJNHlC77TvQUtLi5kRPKfkagG5S1dyVmchvv69MPD6tIUdE7_NxkY8sPsSWHsDzBFVM6ePm7r25uBSNDkG-MUcP1_jN2HLmbyCi5Itjc9ceVBAPCHAwBHCh-3tCK35E2VcmxbpQztQXCGZnRYq5xA61_-0rsoT6_rTqew17GYoRw5fgFDqWybI58hpERLneSt8pK5cnduLG3w59TzVhhHiBi6j4BNVcC2HRCnIt4xKrvzB3v-Y92vpFfSFHDy943xbL1Cg5lnD9UAufUYuoniy3h2hthDJMdYlZ6fqz6tYbhXCQeJJ2SdbYGSYgntoWGAhSnxOt1qJtAidNVX8rDjhw7uRepJY4EfbPCfAVBqQiBI7PhXzzqL2EOGfF26qFClxs4yRoMc3jDKdGkdQXvPHVGVg4vCkCIXHhlOQh_IxIOE5HJJRNOL7Vym9kvhAW049F3RPHJO9TI4Sddgw6GYRYkvfnQtUkVLYfqNwTx1Yy0BBf5lVfhamyUfxK-_qiJ6tgT1iTpltWY7DwUE3IYXpc_H9WlMQE9vM8HxucoV8GwFz_rMi9RsO6aUWLFYhEVDu6Ci5BpG-Aw4O4dVnJSiLvh6qUoMYS5-VFerGDtW5rlM-06ciUKClHUx2RH8NVD13sm8ck2Fr-4pVq8IHCRlDY0dem0DNecbyESxDXRqqSU05CCfnx7EyDb735w_MkED1EekfkW18hSwxVHUW5G8glTO8tRn81ZJ2Dduzp_XLBhBTf5YcUF7UMpYnpYZ8QBGz9kJw3IwxKPgoBs6wkbj09EMSAUqeFKpfcf-EYvdkES7s4OqsS4_gG_7sSbHIhJ0oQD7bW-PalygHgow-bno7MPn7_K6irEacZT9E3NGt7Fx4-Zd_qZTu5fG1anLt7rB3yddhd60pU9w_MkujOLD3vEVULS16766x8mqF4a_cMec6Zt8bztro&cid=CAQSLgCNIrLMz0OgNRLjCzyYskGHVT6EmI02tVH2fIKURKGKiyVDDy--R-_0uSmMqbM&rfl=1%2Chttp%253A%252F%252Fwww.cluber.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9783
x-xss-protection: 0
server: cafe
etag: 9821519945299111448
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 14:15:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C12 41 KB
15 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 12:17:33 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3B2E 22 KB
8 KB 42ms
41ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 179269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 12:30:21 GMT
expires: Wed, 03 May 2023 12:30:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E757 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.cluber.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 14:18:09 GMT
expires: Fri, 05 May 2023 14:18:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B2E 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 12:51:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 May 2023 12:51:09 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame E757 2 KB
904 B 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 14:02:56 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E757 0
0 83ms
83ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUiD7otxzYsCTHdWk7gPF5rP4Bf2b3vVo0tagocYP0tjwz5AvEAEg5Z_uLGC7hoCA0AqgAdbvufYDyAEJ4AIAqAMByAPLBKoE5AFP0DPj-yU_3GuWaj1cI_RuwdypM-d8H54a9cmcvP_URjVmAK7Me29tWxFtEqHAax6awMcbvPOLldkz-vnYx6VJSayRTt1w03R9-LJuAiqab0VtX9w8y-DC12eLol1c-MlimYZ9_9-f_n5UCnQ3O-z9ZIm5xmOhMOUesmtc8trZ9f69PWIRkyXIN0bFU4mrsX1KkLNIIIp5Yu-_gf0hFirxXXAPjrUZm8W6qkQqcdIaoVYbOyUgTCvqZiHiNz0WueLQ6N2NkIvEmCJx0E8qQBPyosVepah3tO9RZJW6VXvF_-m3fonABPSn_MzyA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeSkMYJqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEKqzA9IICQiI4YAQEAEYHYAKA8gLAdgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi04NTczMzI1OTQwMTUyNjk0GK6LIg&sigh=fzxSHeOzuHw&uach_m=[UACH]&template_id=494
Requested by: Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/ Frame E757 19 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/abg_lite_fy2019.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 14:15:27 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame E757 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/window_focus_fy2019.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 13:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 13:42:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E757 120 KB
37 KB 53ms
52ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 May 2022 14:18:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/ Frame E757 15 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220503/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 14:05:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E757 0
0 49ms
49ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuDZ79HpCVrUgEQNnWY56-D9zJIoYikIXs7IIgtd0JEZDJRL2tVzPAfaU_rnDBsl_LOgALaZ98lp6H1VfvD262-mj_ew
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame E757 30 KB
12 KB 124ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Mon, 02 May 2022 20:52:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 12:17:25 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E757 23 KB
23 KB 147ms
41ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTKe_RjcbBqrwRWkS0ZOgJojUUO64ZWxW9DucDlsL3cSWWzAq4f&usqp=CAI

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67d9045a84b2424899a0bee08dd8a0675308270d4c7420071eddf553deb05583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 18:03:26 GMT
x-content-type-options: nosniff
age: 332085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23283
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 01:46:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 01 May 2023 18:03:26 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E757 28 KB
28 KB 147ms
42ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTdmRvJiWnv9H-5NnasYFuv4Su2VkjoQLCLMdfQb0fZCE3uBhflJxUTqtHS0Lg&usqp=CAI

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3938b318737d1b6f03e5cc31ba56fa4160e34865bdeb025ef73227ae1046a4ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 09:07:34 GMT
x-content-type-options: nosniff
age: 191437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28544
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 00:56:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 03 May 2023 09:07:34 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E757 32 KB
32 KB 184ms
79ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRSAUNpardg_QiKZ5SBYLF_Z759g5BePxIB-846L-5mruP9L5LCf75zzGiFh-w&usqp=CAI

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ac415f5be68d3b1e4e2b1ac1e1e2e7bf47e98e14d1b2c2521c21a33255e0181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 05:56:30 GMT
x-content-type-options: nosniff
age: 375701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32914
x-xss-protection: 0
last-modified: Wed, 10 Feb 2021 01:27:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 01 May 2023 05:56:30 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E757 22 KB
22 KB 211ms
106ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRzSntr_zbnuBhZoyE8z8rzduHOOWFEygD418MmrwWvELq0BlO2ervZ62KPe5E&usqp=CAI

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab541eb9da5a742c3f6c5c6840f2bea0a7b3c5a1df7e34dfe65e809ddd72ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 18:54:13 GMT
x-content-type-options: nosniff
age: 329038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22562
x-xss-protection: 0
last-modified: Sat, 14 Aug 2021 02:00:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 01 May 2023 18:54:13 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E757 24 KB
24 KB 188ms
83ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSrWOSYC1XNECaEMShHe_74tflVRfmAKPvDH62GKdXM7u3ccBdB-W9DObwG0HE&usqp=CAI

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f531fc4b1981754b623942a77f8766cf715d205e0404c50b8ee0b15334fe34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 13:11:42 GMT
x-content-type-options: nosniff
age: 435989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24327
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 02:38:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 30 Apr 2023 13:11:42 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E757 18 KB
19 KB 147ms
42ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQMzno35dCud-qq3pVafGSKbvZQfsyHysbMQS5408HvWxeABig&usqp=CAI

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

300cd678581c1f04ad918b185f5e75f1b67944339b7e52b008dc8aea9f9f1dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 00:04:05 GMT
x-content-type-options: nosniff
age: 224046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18500
x-xss-protection: 0
last-modified: Wed, 17 Apr 2019 09:55:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 03 May 2023 00:04:05 GMT

GET
H3

200

dcmads.js Show response
www.googletagservices.com/dcm/ Frame 2C12
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/995085/61697692/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fwww.cluber.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc9ed7cf2aa2208bb6f1b03...
https://www.googletagservices.com/dcm/dcmads.js

24 KB
9 KB

42ms
41ms

Script
text/javascript

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

8066520d4f9a10b94ecaab59ccd265803acf8a1c1d1de3769ab889e95a77dd4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 13:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9377
x-xss-protection: 0
last-modified: Wed, 04 May 2022 17:56:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 05 May 2022 14:39:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame F7D7 80 KB
21 KB 233ms
80ms Script
application/javascript 2600:9000:224a:3a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:32:42 GMT
content-encoding: gzip
age: 2634330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: eJy1Jn9tCJllYxXPeLDgKDhWpjKPj20lAjUnG9TvDfyZEHNRd35xAg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
216 B 587ms
181ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=ecc204ef-9ea8-2154-28cf-26711f693071&tv=%7Bc:bKxdXS,pingTime:-3,time:69,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4Y9QIT+11%7C1211%7C13%7C14*.995085-61697692%7C141%7C142%7C15,idMap:14*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 585ms
182ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=ecc204ef-9ea8-2154-28cf-26711f693071&tv=%7Bc:bKxdXU,pingTime:-6,time:71,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:71,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4Y9QIT+11%7C1211%7C13%7C14*.995085-61697692%7C141%7C142%7C15,idMap:14*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:www.cluber.com.ua&br=c
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 560ms
182ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=ecc204ef-9ea8-2154-28cf-26711f693071&tv=%7Bc:bKxdYj,pingTime:-2,time:97,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:104,mdZ:337,beA:527,beZ:528,mfA:530,cmA:532,inA:532,inZ:536,prA:536,prZ:540,si:547,poA:548,poZ:571,cmZ:571,mfZ:571,loA:597,loZ:600,ltA:623,ltZ:623%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:97,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B90~0%5D,as:%5B90~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4Y9QIT+11%7C1211%7C13%7C14*.995085-61697692%7C141%7C142%7C15,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,sinceFw:75,readyFired:false%7D&br=c
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
DATA 200
OK truncated
/ Frame E757 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 117ade0c46351df526d3847cc7be895e048590ceb241fd853bf0ae7fbc228d0b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 impl_v88.js Show response
www.googletagservices.com/dcm/ Frame 2C12 54 KB
21 KB 43ms
42ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v88.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/995085/61697692/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fwww.cluber.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ecc204ef-9ea8-2154-28cf-26711f693071,c:bKxdX5,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-578cdd6bcc-mdr2l,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:t4Y9QIT+11%7C1211%7C13%7C14*.995085-61697692%7C141%7C142%7C15,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:3158c704-cc7e-11ec-8822-ba90dc0dd000,v:19.8.306,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

b225a72c3c0f0ce054225cf8748508f69d7315568bb5aacb38491e006a4372d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 14:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21405
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 14:33:11 GMT

GET
H2 200 B27487152.331699803;dc_ver=88.258;sz=728x90;u_sd=1;dc_adk=250412562;ord=fppw5k;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjJTOotxzYv2DDef57gPN_Z7wBd7Fj8FphvnTg9gPz... Show response
ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/ Frame 2C12 51 KB
25 KB 201ms
77ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.331699803;dc_ver=88.258;sz=728x90;u_sd=1;dc_adk=250412562;ord=fppw5k;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjJTOotxzYv2DDef57gPN_Z7wBd7Fj8FphvnTg9gPz-aivcABEAEg5Z_uLGC7hoCA0AqgAfiv_ssCyAEJqQLaFYBN5wu1PqgDAaoE7AFP0NkMfQv0haY3CBKmsDLd4K1TOh7hGZtZordunYC5tERfnFpUKH8BB20cgKYO9L2VferjSgYDFAVAY94OYTxzbutQKoG7L6iagZqU3eODtt1bTOB3WYkILgW9a43RRg0yGJg4jmYJb7PsOf1FA2eLBpvPJk0bMu-3Pd877O12qwwaNpAG6X1Lx60_zjOvyrOzH0rZp44EwUCL3u7YpbmNUXM02UDObQdJnlGke72uMZhXHSoCe5WySicd0RQfkCm5U814bWKZJX5pZqdrvtAYkfoMhLQgFccAQt7VgSptj9SpByKGOWH2XJMAkcAEsImr2tYD4AQDkAYBoAZNgAfwz4G0AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT6Lb8DtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMz0OgNRLjCzyYskGHVT6EmI02tVH2fIKURKGKiyVDDy--R-_0uSmMqbM%26sig%3DAOD64_1FwG6mBB7wsaXSQSZbrjDVbuhYYQ%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-DFxs1vaZ8QUNkkqHNOnshjHsFQk9BEP22tc3fE9WHXcDD9_trOO5EjC8l52rw44uc2-deh151sWI_YkNcraQck02xM03P06iDq7NeIqvLsFAqVe1S1ZTDv5Nl-a6IrxxKCesZ_GQsv1m-VbkoCjfzBr90egA%26cry%3D1%26dbm_d%3DAKAmf-CoEqdtnwiDxwoZ23MHB0ChFrPb2e7Oc0A63It4jAM4abyKF3u7-JUaGaa-eyzV4NE0asgJuwJgFrB4EeG91HB_OVAJdE2vjbGurusESo4-U3wwpGaOD1MFYqIc8QAL6p12_Sjz4OnehTaCd9Q8RZQdP-3ZmPebzm9j1OIO45_HxAwpT_mDEh7hmhS3qGs4-UaiFL-e5rDWueAPF3R_2Pov9--pVasXOVNZmlZ4z8MhVqztcI15C4492ldK2eYIfCuOi4dJTGWtvNzD1qVY2kDwokti7mD8DWzocwpzGwrDnerYx7KrGRxIbC7NQstFQr4GxsNM409BLBJAJ92VP_Z6Vy9zAt2HEGbztSKDAIfMvYuDOIAZOcIxMt5rcNhIuec2WBYCx_gDqu55ca8vSGD4-VAcrpfAGGMSBA5mmVs2XPIPzISbqk99JYMglaAH7TOhNZOSyS_-0xpc6ftNX0TwpU1bhND4zl2FgJEkdzgeGNbjchg%26adurl%3D;dc_rfl=1,http%3A%2F%2Fwww.cluber.com.ua%2F$0;xdt=1;crlt=)2--JscBO(;stc=1;sttr=63;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v88.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

aabee83d0c93c590365fac843111fb0a283519bde6077f745add39296882b6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25487
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B2E 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvH6motxzYsnULpmIrASylIvwDgAAAAA4AeAEAg&bg=!VValVhLNAAZX5TVhd-U7ACkAdvg8WjI0ZaQr3aWoL_cXZzTqA8bxhTnyzod0LD-NlJtkoXqV3RHyfgIAAACHUgAAAANoAQeZAunarSqqU3eJnyUQ-_44_bcaBY77dDkYAfKvtZQBbxYNzR4GEFiHvkAs1BOZWbSLjNuyHnaJTvvMRajC6gbEpK6JhLnRFmBIOuuIvim1wyis7kIOgBN7mRy3eoi8HSnCqCKWZbUT3PrXceD5szabEm5UDEJqQYwk7e4lRH_XAnCXVLwYB0Sw1waNG2C1omKVTy8i_VaJdGErOm5d92k3xwCCGkk2a1HPUhnr8jiHpT0p_3iH9RlGuTXwJChutT0VonbjO06E7S14zqf1JtzK2gnx5cVuQLrVGscns-qpeyupZwOv1P_-Pl9BlI-2-FP35z3vz2lPZylpiTfcyvWC8HjFKkX-Bgw6gG-vNQotcA2wsHKKkP2irhbTGr53-VgV14Vx8SS9cn-Vdxp9uOD4vVT88n_NK8JH4IdZ2vDRaCGY-5mmAHjQvoUIbaR3e2OwM_FQjtwPW0sSOOH-S0FACV-7-BDxjZcrfrsl2rV0i859V9EpJCy3Oaelzu9ce7taXS1ktSmwgTErWBDg-cb-zpddE92j8knOZAJRYyqCv4qG1IqBtt66QnxSkRqndRwYpcNbWjqXw-b1TcT2VO2qMSuXKihISLb0tGgvqukVSTOjyLgpq6JfqWhpuWG8JhsGEPcGsFShoEoDo27H08qhtQO-i3YfXf7eocjjWtw393GURqpU6S54NZYzWjYdpj60MjDUaUoDkXm9g_ePi6sdm3tTJXHHM3j_Kbdla-9yrNqrwnKxj1uZy24DTyC7iCRvDIhZbVqtVvYxlvR-UCWQ7OSjT5jAVnSzu9G2-sdtDzKxh0zRz9j7ttqtsPt2Mjg-025K3ov6M2ZNORmxrgsY_QZgK80qqa5kK2dPj9d_h6ibF2Cv6XlRIHlty3TWDdSVBLiNpS4hgTNY7MAsLuh3HpNeGeC9_L-OIPXAi34UOjVbuUd1T_rsqVt1Nk7YZ_67d7d2Bt3s2QfpOGAcdVrDdYbr2-K2TIGCudb8

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 412ms
181ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=ecc204ef-9ea8-2154-28cf-26711f693071&tv=%7Bc:bKxe0E,time:241,type:e,im:%7Bimprf:%7Bttecl:567,ecd:115,tsecr:8%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:241,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B234~0%5D,as:%5B234~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4Y9QIT+11%7C1211%7C13%7C14*.995085-61697692%7C141%7C142%7C15,idMap:14*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1778 35 KB
13 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js

Requested by

Host: www.cluber.com.ua
URL: http://www.cluber.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 21:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 21:13:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220503/r20110914/elements/html/ Frame 2C12 8 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220503/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.331699803;dc_ver=88.258;sz=728x90;u_sd=1;dc_adk=250412562;ord=fppw5k;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjJTOotxzYv2DDef57gPN_Z7wBd7Fj8FphvnTg9gPz-aivcABEAEg5Z_uLGC7hoCA0AqgAfiv_ssCyAEJqQLaFYBN5wu1PqgDAaoE7AFP0NkMfQv0haY3CBKmsDLd4K1TOh7hGZtZordunYC5tERfnFpUKH8BB20cgKYO9L2VferjSgYDFAVAY94OYTxzbutQKoG7L6iagZqU3eODtt1bTOB3WYkILgW9a43RRg0yGJg4jmYJb7PsOf1FA2eLBpvPJk0bMu-3Pd877O12qwwaNpAG6X1Lx60_zjOvyrOzH0rZp44EwUCL3u7YpbmNUXM02UDObQdJnlGke72uMZhXHSoCe5WySicd0RQfkCm5U814bWKZJX5pZqdrvtAYkfoMhLQgFccAQt7VgSptj9SpByKGOWH2XJMAkcAEsImr2tYD4AQDkAYBoAZNgAfwz4G0AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT6Lb8DtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSLgCNIrLMz0OgNRLjCzyYskGHVT6EmI02tVH2fIKURKGKiyVDDy--R-_0uSmMqbM%26sig%3DAOD64_1FwG6mBB7wsaXSQSZbrjDVbuhYYQ%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-DFxs1vaZ8QUNkkqHNOnshjHsFQk9BEP22tc3fE9WHXcDD9_trOO5EjC8l52rw44uc2-deh151sWI_YkNcraQck02xM03P06iDq7NeIqvLsFAqVe1S1ZTDv5Nl-a6IrxxKCesZ_GQsv1m-VbkoCjfzBr90egA%26cry%3D1%26dbm_d%3DAKAmf-CoEqdtnwiDxwoZ23MHB0ChFrPb2e7Oc0A63It4jAM4abyKF3u7-JUaGaa-eyzV4NE0asgJuwJgFrB4EeG91HB_OVAJdE2vjbGurusESo4-U3wwpGaOD1MFYqIc8QAL6p12_Sjz4OnehTaCd9Q8RZQdP-3ZmPebzm9j1OIO45_HxAwpT_mDEh7hmhS3qGs4-UaiFL-e5rDWueAPF3R_2Pov9--pVasXOVNZmlZ4z8MhVqztcI15C4492ldK2eYIfCuOi4dJTGWtvNzD1qVY2kDwokti7mD8DWzocwpzGwrDnerYx7KrGRxIbC7NQstFQr4GxsNM409BLBJAJ92VP_Z6Vy9zAt2HEGbztSKDAIfMvYuDOIAZOcIxMt5rcNhIuec2WBYCx_gDqu55ca8vSGD4-VAcrpfAGGMSBA5mmVs2XPIPzISbqk99JYMglaAH7TOhNZOSyS_-0xpc6ftNX0TwpU1bhND4zl2FgJEkdzgeGNbjchg%26adurl%3D;dc_rfl=1,http%3A%2F%2Fwww.cluber.com.ua%2F$0;xdt=1;crlt=)2--JscBO(;stc=1;sttr=63;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 May 2022 14:12:28 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C12 0
575 B 181ms
78ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudtTe5q2yofW4i2qxdjagP_QOZf8vWFEg0KyzNyEHmYhJglBF3OsAAbgHrIMJMMwwnuXjaILxEItxsAEv3ayBO16iJv2ugY_qOMmGHruxUWuLPC8oxgAeYIEwyO_pIRUyi_RUz2-j26BS5t3VM6etc6p0&sig=Cg0ArKJSzNM46fnWL6l2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220503.93407&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 14:18:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 16480487101894141427
s0.2mdn.net/simgad/ Frame 2C12 23 KB
24 KB 132ms
41ms Image
image/gif 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16480487101894141427

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6a38edf49fc940d4c2fd1df449d5b3b69adfc7dfcaf287279fc730425750932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 18:02:02 GMT
x-content-type-options: nosniff
age: 504969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23606
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 09:53:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 29 Apr 2023 18:02:02 GMT

GET
H/1.1 200
OK /
d.agkn.com/pixel/2387/ Frame 2C12 43 B
648 B 179ms
40ms Image
image/gif 18.158.14.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/2387/?ct=UK&st=&city=0&dma=0&zp=&bw=4&che=1150399339&col=27487152,1108532,331699803,523684518,168319585
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.14.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-14-110.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 May 2022 14:18:10 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 26A2 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 179270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 12:30:21 GMT
expires: Wed, 03 May 2023 12:30:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.gr.19.8.306.js Show response
static.adsafeprotected.com/ Frame 2C12 191 KB
61 KB 76ms
76ms Script
application/javascript 2600:9000:224a:3a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.306.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=55914394&pubId=1&chanId=114768606805&placementId=415299275&dealId=549644393847897261&adsafe_par&impId=ABAjH0gWTw7v4DKk-B3b9G7J-3B5&bidurl=http://www.cluber.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c58837645af80e200806a1fc3a21979b3ab12903830fb7b54ddf30b58d2e30d0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 01:00:15 GMT
content-encoding: gzip
age: 739077
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 26 Apr 2022 14:41:45 GMT
server: AmazonS3
etag: W/"69b86c1be02e88d8c21ae3602ea43c3f"
vary: Accept-Encoding
x-amz-version-id: uCxnvs77TkorK4cy2GLoBdCr2upwo3Bn
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: BMLEFUBroYkDdE6AIdQjBg_cy7bozrpHKBwehfqF9WOGTB3xEKfosQ==

GET
DATA 200
OK truncated
/ Frame 2C12 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9dd5b67626f7a7f345935dc41bfe185424222fd6da23c202b0c03453162fbbb2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js Show response
pagead2.googlesyndication.com/bg/ Frame 26A2 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 21:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 21:13:20 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 193ms
193ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=ecc204ef-9ea8-2154-28cf-26711f693071&tv=%7Bc:bKxe76,pingTime:-10,time:641,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1651760291688%7C%7Cdb9a984a5b3b05fed854ce0b667ff417%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cfa3e9d89a6f45604736b1485499d60e1%7C%7C9e4a383582c9c7d0c444e30520a4e56b%7C%7Cde8009f855b233b15d100d7574425fac%7C%7Cd87d848761b36d208df58e8573026faf%7C%7C81802f0af46a0568162438276121c73d%7C%7C1629390669%7D
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C12 0
26 B 163ms
77ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 14:18:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 1910 80 KB
21 KB 71ms
70ms Script
application/javascript 2600:9000:224a:3a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:32:42 GMT
content-encoding: gzip
age: 2634330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: Vt4OYwL3rTbWYd3NM062Ky2qFo2OAHkw0zc8ldj7P04GAbKuZsjFSw==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 2C12 43 B
216 B 55ms
55ms Image
image/gif 52.209.180.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10933&advId=22571342&campId=55914394&pubId=1&chanId=114768606805&placementId=415299275&dealId=549644393847897261&adsafe_par&impId=ABAjH0gWTw7v4DKk-B3b9G7J-3B5&bidurl=http://www.cluber.com.ua/&adsafe_url=http%3A%2F%2Fwww.cluber.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ca62d0dc-415e-7243-5102-8ea5e4c01031,c:bKxe8e,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-578cdd6bcc-tvwv7,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:207,fm:t4Y9QQC+11%7C1211%7C13%7C14*.10933%7C141%7C142%7C143%7C1441%7C151,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:233,oid:3159635e-cc7e-11ec-b9a0-aef512ca09c7,v:19.8.306,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.180.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-180-67.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 178ms
178ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=ecc204ef-9ea8-2154-28cf-26711f693071&tv=%7Bc:bKxe8z,pingTime:-2.1,time:732,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:732,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B725~0%5D,as:%5B725~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:613,fm:t4Y9QIT+11%7C1211%7C13%7C14*.995085-61697692%7C141%7C142%7C15,idMap:14.ca62d0dc-415e-7243-5102-8ea5e4c01031.33_10933%7C14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.qs.bi,sinceFw:75,readyFired:false%7D&br=c
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 178ms
178ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=ca62d0dc-415e-7243-5102-8ea5e4c01031&tv=%7Bc:bKxe8E,pingTime:-3,time:258,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:232%7D,%7Bpiv:0,vs:o,r:l,t:257%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:258,n:257,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:231,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~1,0~0%5D,as:%5B46~728.90%5D%7D%7D,%7Bsl:o,t:257,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t4Y9QQC+11%7C1211%7C13%7C14*.10933%7C141%7C142%7C143%7C1441%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 179ms
178ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=ca62d0dc-415e-7243-5102-8ea5e4c01031&tv=%7Bc:bKxe8H,pingTime:-6,time:261,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:261,n:257,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:231,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~1,0~0%5D,as:%5B46~728.90%5D%7D%7D,%7Bsl:o,t:257,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t4Y9QQC+11%7C1211%7C13%7C14*.10933%7C141%7C142%7C143%7C1441%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:www.cluber.com.ua&br=c
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 178ms
178ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=ca62d0dc-415e-7243-5102-8ea5e4c01031&tv=%7Bc:bKxe8X,pingTime:0,time:277,type:pf,im:%7Bsf:0%7D,sca:%7Bdfp:%7Bdf:2,sz:728.90,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:232%7D,%7Bpiv:0,vs:o,r:l,t:257%7D,%7Bpiv:100,vs:i,r:,t:277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:277,n:257,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:231,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~1,0~0%5D,as:%5B46~728.90%5D%7D%7D,%7Bsl:o,t:257,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B19~0%5D,as:%5B19~728.90%5D%7D%7D,%7Bsl:i,t:277,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:t4Y9QIT+11%7C1211%7C13%7C14*.10933%7C141%7C142%7C143%7C1441%7C151,idMap:14.ecc204ef-9ea8-2154-28cf-26711f693071.12_995085-61697692%7C14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 178ms
178ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=ca62d0dc-415e-7243-5102-8ea5e4c01031&tv=%7Bc:bKxe8Z,pingTime:-2,time:279,type:a,im:%7Bpom:1,prf:%7BbeA:1006,beZ:1007,mfA:1213,cmA:1215,inA:1215,inZ:1223,prA:1223,prZ:1229,si:1239,poA:1239,poZ:1255,cmZ:1255,mfZ:1255,loA:1267,loZ:1270,ltA:1284,ltZ:1284%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:232%7D,%7Bpiv:0,vs:o,r:l,t:257%7D,%7Bpiv:100,vs:i,r:,t:277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2,o:277,n:257,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:231,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~1,0~0%5D,as:%5B46~728.90%5D%7D%7D,%7Bsl:o,t:257,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B19~0%5D,as:%5B19~728.90%5D%7D%7D,%7Bsl:i,t:277,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:t4Y9QIT+11%7C1211%7C13%7C14*.10933%7C141%7C142%7C143%7C1441%7C151,idMap:14.ecc204ef-9ea8-2154-28cf-26711f693071.12_995085-61697692%7C14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:46,readyFired:true%7D&br=c
Requested by: Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26A2 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpCnGo9xzYouDGZyS7_UPmZuRiAgAAAAAOAHgBAI&bg=!yMuly4_NAAZX5TVhd-U7ACkAdvg8Wt_y_FKdDDKgf2uyQR2tNfaYgdeZalYLAZmY_S_VyonJ5bmBrgIAAAC1UgAAAAFoAQeZAu7NrLRyEwB1jibnmZ0aWiLVsadEzaSFH-I1WohGrrR45i3ADewxEylczJcKUcxqAgKpggjVYFPoWy-8bqijTnpZMU-LIdlTGrDdgxK30Rw8sJx7DQKJ_16dlGokcgcY4KYC-JGnctaLqtU9-RrIgPL_vDV4KVUl2TTO9dezlMONAoTKGjLdo94Wbev9g1Z1M363EeWxiMmmNp8e0H5NpDirvSMU7gIKJ9K0PBCPS2u_qpUn16ettvRzuAklBfWdbs2LVYQDTZCS9qU5oxiOZpVuhyqE50CLG5ksETTxrh8BFaB_n5k8WxnwDk7ZThPtVN8W-KOdXQq1TeIOlIUDypA2T-eMp_Ki21TY4ixmG2_XQtf-16cgfVOiSZJuK2JAtkvzPyM9Q1zjeeiExBjs-j09a6WvWko91rHRdCjL1cdr05oUtrZrDh9_iZFS8xGmw4DCeUfmlhHuNdWRN0SrSGB7YpGdbOhxTo2ttFz7UJVSI6KYit1aTXaLcylCraF6d_M6lpztzPTBdJsTMGyViItCIZ7G-TBpeK8Hp7tDwa5UuUC0rgHRu-JUlFGgr6x12dau738wpAtagOsSZQpm7JwWYfqfEpXjLYmuc6ZjMf_hEImOVeNl3RiRF7M8Nb9vmWEGFEeiyefsBvqmZ6fkS8Or30tdfDxW8vEMViS886sRz7-Hi1MbT1he-Bexp1KYRO6_s_97vXffmfU-l4YAuCkgHQI9ReFw6T7D78PzoDdCAx1d2fZSomiGUfWNZ35rQV_cc0m3tOVs781uRHBYCLtSP7vbtlKG7Bpdi4BGY6jFoCv4RvoZ4-DeS6w7cZYcrcsTDzKRckvBQ4Q7zcSJGN_Max03WvOuCx-er337112e1i50Kdb-9xv2zvBLh3To1-e3gwJ-CG99tu3XPWZsb-zFRO9sxmAuBEHWUI8uaBTM-UBaDdvuAUFNA2qxZwrbxNMk2SjoO0L6xlVVQ9nNL6aWV8jlC7i_KS--h7emCmA

Requested by

Host: c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
URL: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 139ms
57ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

288d9eeaf203485e0a85141b68f65f261ff2d935680f252e09016c7f13a75e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 May 2022 14:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10643
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 178ms
178ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=ecc204ef-9ea8-2154-28cf-26711f693071&tv=%7Bc:bKxedO,time:1057,type:e,im:%7Bpci:%7Btdr:1008%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1057,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1050~0%5D,as:%5B1050~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:181,fm:t4Y9QIT+11%7C1211%7C13%7C14*.995085-61697692%7C141%7C142%7C15,idMap:14.ca62d0dc-415e-7243-5102-8ea5e4c01031.33_10933%7C14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:12 GMT
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 May 2022 14:18:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DA67 13 KB
5 KB 41ms
41ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.cluber.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 14:10:45 GMT
expires: Fri, 05 May 2023 14:10:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 61EE 783 B
535 B 52ms
51ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e687d22bf1af3b2bc38221f4e0916590ac636a86455170ab6de3128e7fa39b0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EEMC8rz5Twyqg2KgndVGQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.cluber.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-EEMC8rz5Twyqg2KgndVGQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 14:18:12 GMT
expires: Thu, 05 May 2022 14:18:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response
pagead2.googlesyndication.com/bg/ Frame DA67 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 12:51:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 May 2023 12:51:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 61EE 0
0 105ms
104ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050401&jk=1939229987496703&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E757 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuc0xW7RIv00hXB2ug3_fIG073sdSxfSNoPI0-9cNv4FIrh6Zax4k3BpR4KBZfoUNd5FIPmbpOvuSIcLKFSu6R6UDNYj5R7t_xQXQxTCbrHzXnBHMKEB8aOaIeQ&sai=AMfl-YSmEOWOy_w1cOfTbQyL7Kf-3z4BCtTX0gpT0fJGHCSI6Sgr2zcvewMMZ1nhtF5moMgzm7Gjdp8GgVYlCmJ0Myyy6_7teCt4-rBZcxj4r7XOxQVTF41lclQM4mtEcii5&sig=Cg0ArKJSzDyWRWVHiF9WEAE&id=lidar2&mcvt=1000&p=578,315,828,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=949738897&rs=4&la=1&cr=0&vs=4&r=v&rst=1651760290929&rpt=351&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DA67 0
9 B 41ms
40ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eR5HZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 14:18:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C12 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4gCKFGMFjNetbSS-BD483gqvepIB_V46rHpHGn7iEHHWNQCgt-Y1gXxHzRJt-CCD4wQS6-VcTvxKHqLEs9MnNPDTPmBLT8LtiTlnhV5U87PgBrSEgMlA2qAEC&sai=AMfl-YQQLT4f68krwE6uTkTFQDltoXM9fpm37fUv8VUfpxAx7Q2BQIShNMHY0gI9HdtN6J0qCh7bO5IldRjiAq7aXfQGut4jwDtvcTUh9o7BDg&sig=Cg0ArKJSzFlD3fPw9GRLEAE&cid=CAQSLgCNIrLMz0OgNRLjCzyYskGHVT6EmI02tVH2fIKURKGKiyVDDy--R-_0uSmMqbM&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220504&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=225352322&rs=4&la=0&cr=0&vs=4&r=v&rst=1651760290520&rpt=1195&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C12 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusl4rjoczTfGxLznclMbw5BideTHUwvFw61gZULYtYJ5eZmwrt8TcHrgJwLrikyYPdEH8kHRHIEatyLkgZUxNFbEaMB9uupg&sig=Cg0ArKJSzH8GgoejM_zjEAE&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=250412562&rs=6&la=0&cr=0&vs=4&r=v&rst=1651760290520&rpt=1198&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 178ms
178ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=ca62d0dc-415e-7243-5102-8ea5e4c01031&tv=%7Bc:bKxep6,pingTime:1,time:1278,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:232%7D,%7Bpiv:0,vs:o,r:l,t:257%7D,%7Bpiv:100,vs:i,r:,t:277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:277,n:257,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:231,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~1,0~0%5D,as:%5B46~728.90%5D%7D%7D,%7Bsl:o,t:257,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B19~0%5D,as:%5B19~728.90%5D%7D%7D,%7Bsl:i,t:277,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:180,fm:t4Y9QIT+11%7C1211%7C13%7C14*.10933%7C141%7C142%7C143%7C1441%7C151,idMap:14.ecc204ef-9ea8-2154-28cf-26711f693071.12_995085-61697692%7C14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:12 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 179ms
178ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=ca62d0dc-415e-7243-5102-8ea5e4c01031&tv=%7Bc:bKxep7,pingTime:1,time:1279,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:232%7D,%7Bpiv:0,vs:o,r:l,t:257%7D,%7Bpiv:100,vs:i,r:,t:277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:277,n:257,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:231,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~1,0~0%5D,as:%5B46~728.90%5D%7D%7D,%7Bsl:o,t:257,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B19~0%5D,as:%5B19~728.90%5D%7D%7D,%7Bsl:i,t:277,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:180,fm:t4Y9QIT+11%7C1211%7C13%7C14*.10933%7C141%7C142%7C143%7C1441%7C151,idMap:14.ecc204ef-9ea8-2154-28cf-26711f693071.12_995085-61697692%7C14*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:12 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 179ms
179ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=ca62d0dc-415e-7243-5102-8ea5e4c01031&tv=%7Bc:bKxep7,pingTime:1,time:1279,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:232%7D,%7Bpiv:0,vs:o,r:l,t:257%7D,%7Bpiv:100,vs:i,r:,t:277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:277,n:257,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:231,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~1,0~0%5D,as:%5B46~728.90%5D%7D%7D,%7Bsl:o,t:257,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B19~0%5D,as:%5B19~728.90%5D%7D%7D,%7Bsl:i,t:277,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:180,fm:t4Y9QIT+11%7C1211%7C13%7C14*.10933%7C141%7C142%7C143%7C1441%7C151,idMap:14.ecc204ef-9ea8-2154-28cf-26711f693071.12_995085-61697692%7C14*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:12 GMT
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
91ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050401&jk=1939229987496703&bg=!7u2l7anNAAZX5TVhd-U7ACkAdvg8Wkr2fZ9euOP8_GRSVn_4v8fiBpvbmvjfcMmMYOTRd6JkU8mF0gIAAABTUgAAAAJoAQeZApwKfadIFftFz6BqAbplPuqg0NsQ1wHs_0ZiFq2gp4Ido_Sw_Znux_cGsiK055uDuS3OLgrU9bwAf11EG8WBBm6DHTKE29UGf3fJ-v6Rji7h4O6DvNh4T-fbkqVMO9kSqKrY204MtLkPmkJEdgFoXZPWP-6Ue3isLAQnLSFnopW9thApZg5yAIzed6oFcpnJW4a7yQ5zCbEGi5OapJGEgX64IQ08CWu5jX2VPzKC34T4EnvCbT3EOfi3D266Q-xv420ylTMflex9T4_vQTUprToiQ3XIO1v4Y5K4xneliAE6jEAEAn72VAl_jl76SqLVp178DG3B7mnDmXZtY2_vlNi1zFsr2mvJDdkKL2z5tJoBvvNkhslvdyee9_Hp5jwregZnVrW61wsxSU1_lEqdql6uG4qIxHYbSM1x4yTvN8Wv57zslrXfs5JeEPuCfNjzjMveqgvlq0UKDD2vFCgFrrB6523fY-RgERhmqZgxMvus4BHdzVOTNfYHJCGUibZITt11yty-MrMGOgm27-kNvPNQxsehgjDjuXJC4qydZkEnA6wXzAceGzJL4XmqTpi5ggHy4DwMurpvCBnViBGlx-U638fxlK1CeW6Cx72CH1rGJ_yGzaQ5Kp8vh5efPlBxvhEJ8XDfP5IQAeRkJBra-bsvhMyMKM-Ija8WG8ulFtQQOQIWQ1isVkAiwWFMeS_dnnf_wOpogVetAmi7QTZ5OjNxobQ68GcnImqPb9QeTh8lVn2iIb_S2Urz7CApeh22plSVJXMJupWD3O4KHuqDXzjlKF8G6qHRD0Qwour7CVVRLoh8l9HzA7rPqYbRinUuQlGN__QaNPNsxc8r0vxk0vFemJEcGxSM28p8h0GZsuuclHptw6wPPpglMenW8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://www.cluber.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 178ms
178ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=ca62d0dc-415e-7243-5102-8ea5e4c01031&tv=%7Bc:bKxetg,pingTime:-10,time:1536,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1651760291688%7C%7Cdb9a984a5b3b05fed854ce0b667ff417%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cfa3e9d89a6f45604736b1485499d60e1%7C%7C9e4a383582c9c7d0c444e30520a4e56b%7C%7Cde8009f855b233b15d100d7574425fac%7C%7Cd87d848761b36d208df58e8573026faf%7C%7C81802f0af46a0568162438276121c73d%7C%7C1629390669,sca:%7Bspg:ecc204ef-9ea8-2154-28cf-26711f693071%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:13 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 178ms
178ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=ecc204ef-9ea8-2154-28cf-26711f693071&tv=%7Bc:bKxeD7,pingTime:1,time:2626,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:100,vs:i,r:,t:1625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1618~0,0~100%5D,as:%5B1618~728.90%5D%7D%7D,%7Bsl:i,t:1625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:181,fm:t4Y9QIT+11%7C1211%7C13%7C14*.995085-61697692%7C141%7C142%7C15,idMap:14.ca62d0dc-415e-7243-5102-8ea5e4c01031.33_10933%7C14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:13 GMT
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C12 43 B
215 B 179ms
179ms Image
image/gif 44.233.239.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=ecc204ef-9ea8-2154-28cf-26711f693071&tv=%7Bc:bKxeD7,pingTime:1,time:2626,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:100,vs:i,r:,t:1625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1618~0,0~100%5D,as:%5B1618~728.90%5D%7D%7D,%7Bsl:i,t:1625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:181,fm:t4Y9QIT+11%7C1211%7C13%7C14*.995085-61697692%7C141%7C142%7C15,idMap:14.ca62d0dc-415e-7243-5102-8ea5e4c01031.33_10933%7C14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.239.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-239-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 14:18:13 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.cluber.com.ua
URL: https://www.cluber.com.ua/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf?bz30xv

Domain: www.cluber.com.ua
URL: https://www.cluber.com.ua/wp-content/themes/reboot/assets/fonts/wpshop-core.woff?bz30xv

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.cluber.com.ua/	1969-12-31 23:59:59	Name: apbct_timestamp Value: 1651758902
www.cluber.com.ua/	1969-12-31 23:59:59	Name: apbct_site_landing_ts Value: 1651758902
www.cluber.com.ua/	1969-12-31 23:59:59	Name: apbct_page_hits Value: 1
www.cluber.com.ua/	1969-12-31 23:59:59	Name: apbct_cookies_test Value: %257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522aac179dc4515e4b7a849239793f117c3%2522%257D
www.cluber.com.ua/	1970-01-20 03:32:32	Name: advanced_ads_browser_width Value: 1600
www.cluber.com.ua/	1970-01-23 18:25:20	Name: advanced_ads_page_impressions Value: 1
www.cluber.com.ua/	1969-12-31 23:59:59	Name: ct_ps_timestamp Value: 1651760289
www.cluber.com.ua/	1969-12-31 23:59:59	Name: ct_fkp_timestamp Value: 0
www.cluber.com.ua/	1969-12-31 23:59:59	Name: ct_timezone Value: 0
www.cluber.com.ua/	1969-12-31 23:59:59	Name: ct_screen_info Value: %7B%22fullWidth%22%3A1600%2C%22fullHeight%22%3A4190%2C%22visibleWidth%22%3A1600%2C%22visibleHeight%22%3A1200%7D
www.cluber.com.ua/	1969-12-31 23:59:59	Name: ct_has_scrolled Value: false
www.cluber.com.ua/	1969-12-31 23:59:59	Name: ct_mouse_moved Value: false
www.cluber.com.ua/	1969-12-31 23:59:59	Name: ct_checked_emails Value: 0
.cluber.com.ua/	1970-01-20 20:20:32	Name: _ga Value: GA1.3.985734967.1651760289
.cluber.com.ua/	1970-01-20 02:50:46	Name: _gid Value: GA1.3.157585369.1651760290
.cluber.com.ua/	1970-01-20 02:49:20	Name: _gat_UA-27047610-1 Value: 1
.cluber.com.ua/	1970-01-20 02:49:20	Name: _gat_gtag_UA_213652305_88 Value: 1
.cluber.com.ua/	1970-01-20 11:34:56	Name: _ym_uid Value: 1651760290429665923
.cluber.com.ua/	1970-01-20 11:34:56	Name: _ym_d Value: 1651760290
.yandex.ru/	1970-01-20 11:34:56	Name: yandexuid Value: 3922380321651760290
.yandex.ru/	1970-01-20 11:34:56	Name: yuidss Value: 3922380321651760290
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1998358371651760290
.yandex.ru/	1970-01-23 18:25:20	Name: i Value: RGhMfN1YJ3EFgJHbZtbmeG/I0H0vmtWxPzjmGT9zZRn5/kbMAGfJbTSf+nriBfd8ODRCRBW+2vfXO0Xe5AMwgSDK4G0=
.yandex.ru/	1970-01-20 11:34:56	Name: ymex Value: 1683296290.yrts.1651760290#1683296290.yrtsi.1651760290
.cluber.com.ua/	1970-01-20 02:50:32	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 12:10:56	Name: IDE Value: AHWqTUnKfmkeW09vI2VqUwnrfGlbx68pdNAtyjWiM0bqcY01zlg5xweBGtdWeNCen-g
www.cluber.com.ua/	1969-12-31 23:59:59	Name: ct_pointer_data Value: %5B%5D
.doubleclick.net/	1970-01-20 02:49:23	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 02:49:21	Name: test_cookie Value: CheckForPermission
.cluber.com.ua/	1970-01-20 12:10:56	Name: __gads Value: ID=f12a659789c99517-222978038dcd00c5:T=1651760289:S=ALNI_MbjRQKi2q1pgS_ph7rPbViC6lZbcQ
.adnxs.com/	1970-01-20 04:58:56	Name: uuid2 Value: 8477752507020225891
.adnxs.com/	1970-01-20 04:58:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?ij'Ji+!]tbPl1M>e)ZlrFUfJ+tGXxomAJTIlbQoU4IeCv>IIU:b?L9Z3b#r@wp=rX03If)y3KL9D3I?+XMmwAn
.casalemedia.com/	1970-01-20 04:58:56	Name: CMPS Value: 707
.casalemedia.com/	1970-01-20 02:50:46	Name: CMST Value: YnPco2Jz3KMA
.casalemedia.com/	1970-01-20 11:34:56	Name: CMID Value: YnPco16ueBSBmnBayvxjqgAA
.casalemedia.com/	1970-01-20 04:58:56	Name: CMPRO Value: 301
.casalemedia.com/	1970-01-20 11:34:56	Name: CMRUM3 Value: 2d6273dca32760CAESEFdk9zhjYsp-dxxmHlxR5Ss
.agkn.com/	1970-01-20 11:34:56	Name: ab Value: 0001%3AsaJ%2Ff9GPf6MElC2JxgxzQWBVHt3tooSE
.agkn.com/	1970-01-20 11:34:56	Name: u Value: C\|0EAAqBpkjKgaZIwAAAAAAAQAHAAAAAAGja7D__x4AAAAAABDqNAAAAAATxVZbAAAAAAoIWmEAAAAAHzbKpgA
www.cluber.com.ua/	1969-12-31 23:59:59	Name: ct_checkjs Value: ea103584479801aaaa59cf347420257009c2244fc5aee6233dcc0f831779e5a8

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://www.cluber.com.ua/ Message: Access to font at 'https://www.cluber.com.ua/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf?bz30xv' from origin 'http://www.cluber.com.ua' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.cluber.com.ua/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf?bz30xv Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.cluber.com.ua/ Message: Access to font at 'https://www.cluber.com.ua/wp-content/themes/reboot/assets/fonts/wpshop-core.woff?bz30xv' from origin 'http://www.cluber.com.ua' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.cluber.com.ua/wp-content/themes/reboot/assets/fonts/wpshop-core.woff?bz30xv Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adncdnend.azureedge.net
adservice.google.co.uk
adservice.google.com
c9ed7cf2aa2208bb6f1b0383c6df3ec0.safeframe.googlesyndication.com
cdn.ampproject.org
cluber.com.ua
cm.g.doubleclick.net
d.agkn.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
images.outbrainimg.com
mc.yandex.ru
mcdp-chidc2.outbrain.com
odb.outbrain.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
s0.2mdn.net
securepubads.g.doubleclick.net
servt.unrulyvideo.com
static.adsafeprotected.com
stats.g.doubleclick.net
tcheck.outbrainimg.com
tg1.unrulyvideo.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.cluber.com.ua
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.cluber.com.ua
104.102.29.173
104.102.29.65
104.90.144.34
136.243.78.100
142.250.184.226
142.250.185.66
142.250.185.70
151.101.14.132
172.217.18.98
18.158.14.110
185.33.221.15
216.58.212.162
2600:9000:224a:3a00:8:48e:53c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:802::2003
2a00:1450:4001:803::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9a
2a00:1450:400e:810::200e
2a02:26f0:fb::5f65:5862
2a02:6b8::1:119
44.233.239.94
52.209.180.67
52.210.113.214
54.209.199.10
64.74.236.95
0332c961f04b513638cd90044e7bfd8d7ec820543cec9c65260e974464eb8f12
057107bbb34d90b0919a2984a3b85c0cf2c42a2eea160c1318e552b836b659c6
057f89f6b1a7c618d9380bbd11d43771325141cba30546020b698df36f346920
075ecf08427ce2a4f3079bf299fc0d0203ff3afbdc06b7b1ca91d01560f95d6f
08478dd20fc28e743ca9934eef10e257180cfcf9c011350d56be818cf9d8ea4f
0aa0acb01b3dad7e2951b7c5d394ed8f4260b17ee26e41db30ceefbe579b3020
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
117ade0c46351df526d3847cc7be895e048590ceb241fd853bf0ae7fbc228d0b
1205c99781cfba4734dda4147ff18e4404a3d89d5cbf12b92c5a9919ef5fd4d4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f908ce14d33debedc48668fd87bec3cf0300afc6725dc2738dd80fd912ee03
19786aba2c4cd92a79c5d9784348adc3a41451971684ccc19c00aa7045bf8636
20bdff18f6d2f5f6667c1f48cd18f5485c6b3faeff136362a81da04c7810e782
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
22e235b460ca1fc6a3d0e32561ddcfc41e69d352d8f2f9f948dcb945ae0b8b8e
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2706adfce2919caa273516d67e6b43fc0b6f1656b4426c0e0863e066e439fc8a
27e12d1470465af58498a1c53568b10bd416dac1d5dfdbd82b8104d89709fa93
288d9eeaf203485e0a85141b68f65f261ff2d935680f252e09016c7f13a75e0f
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2bf64454b9ac07e648cebe4837c2d4a5cbc7c8028c0fcbae94002419a9a3b649
2ceda467bde5570a54cbe67976369eae64c1ccd62b5aa7131b4b5e3a658e0f32
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
300cd678581c1f04ad918b185f5e75f1b67944339b7e52b008dc8aea9f9f1dfb
341ea150f411846a959e40da87e8bd99bacc0d50590e1c9dcca01c1a0fc39933
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
3938b318737d1b6f03e5cc31ba56fa4160e34865bdeb025ef73227ae1046a4ba
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
42337e6a328cdfc80f50ac032086c6f35b10ee171726bd851b6a9e5b9dc6ff01
4635b997acab6fc12365287b5d1c747bbb1948f1fa117a3c5fa55295f7c6b5a3
463f3a36ad85e31f7b490397a006aeb2b9ebcaa9929f50c35fb766e6ee3005a6
4a569c3e3ca972c5d43cbb411466c5754962f821d3cb996d879775acdf0bf5f2
4a6ae44af061c5fdf8c6f1afa12091b59d352d07aa23e9304d700bf9a8da7f8b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e4f685beaaa7ec6500896c7d8a028a9d65fb7c75c35f37d68c802e1f537c127
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
542e3a95fe0161944c7c677a9e65af1eb2d73fae389e129857aa442c97c1c3c1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b75a149373bf3e25e6fa3f99fd8be9f4229bb87526bce2e8e226fdf63d9c87
577d9cb4933dbc601e9dbbc2d5a95267858001689f7d372d9f58572341956021
58b260544fc7ef6e3661961990a966104672beea4fcadf1857eccd43269b39f9
5ac415f5be68d3b1e4e2b1ac1e1e2e7bf47e98e14d1b2c2521c21a33255e0181
5b3e2c7d679ead89a431a94d9bdb8cf9bd8b4b5ed315913c5ed785381469094c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ca4bb9bf5068c7e41b47699530565348d8f05c685ef43b6d47cb3aae520f711
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f2c54bf52b994ee8f02a0d288c56a3edc398c9d74e11bed2521f0d6a4d93ba
67382fecc8725abb2594f3efcf0aec82fc8e1c5741571da6364299b129fe7ab0
67d9045a84b2424899a0bee08dd8a0675308270d4c7420071eddf553deb05583
68f9042a03dfb106098795785893fa607d2c51151b3abcb8d03484025f8eb3ee
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3a2e2f588db02dabe812fd57166efde023870f39d40a1754765a65402e2f1c
70dc9ba66806e5ad344c317370a5fd7a80691dd29ac8f9aa5df647e615b3fbdd
745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e
7468f1c1347e6ce4779f620e1d84fc22bec20c5ec956da4a234fbea39b970818
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
78a4d25d24f0c1f12d39d1f65bcf8052c6eb09211088042b52fc113e32636b70
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b251bafc96a595143baae84e0436a84112231a385a0fd52209767a6e1b89d9b
7b7fc297c80ff6f238c24f7a909de2d1352c2e2dba7b59fb035ad2c0a9bba409
7f5b45625c9e45fb020b883d8af0ec35faaca2eb373f7fa7f212a9e5d64ce99a
7fbebed2c826e300b4dda9308c237929ddc66c4cb568b1124dacb167152db1af
8066520d4f9a10b94ecaab59ccd265803acf8a1c1d1de3769ab889e95a77dd4f
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
86447f33ea3b82ac2866255dbe8a35a1e3989250def2b595ed3394141668e60f
877dad25e454ef04b32f440bc3618926fed0ec5fa1e849b656649bd7bd9762c8
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
898212261216437a8707ede3e06c7d809af4a7cd9e42a708561c3fa307de418a
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8f4d53d7bd02fd87b02b01ad4f8bcdb6befaaad64c044b0d2a36e1ff91aee16a
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
939046f2c9b7b2a1db0ea71e683a0cde26c17c56aeb97ac9312e31709a44d962
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9adcbce27a94f1a18dbded1b0024b427af2f13ae66d9390dacae83017cd3e460
9d02af80784e6a6afa0df16a375b03d55197745245979b0ec41150472acd1032
9dd5b67626f7a7f345935dc41bfe185424222fd6da23c202b0c03453162fbbb2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a42c6ecdf807763d71a67dc90549e8a9c6fd5797d61082d4133ccc0a4079c3c0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aabee83d0c93c590365fac843111fb0a283519bde6077f745add39296882b6c4
ac72f2dbf851aff5794431993956a2356259b1c059aeaada6d95b8134b65eea5
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1972f37154e020c7cc53c26f67be947b4a074569d11c34f9d2906c379b55cd5
b225a72c3c0f0ce054225cf8748508f69d7315568bb5aacb38491e006a4372d5
b561e1dc035e664b054a9f010fbbe8df7695850e6756d9c509f27f5942385dfc
b5c76d91f496bbc498336d87521d2db982b0341de6b389d5669537f6dc93f4f9
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c0e7c44952ddcc2591ef2fc3ef2b99fc6623fa8a02e8f4c04957362695f91dcf
c56c3c420940795160b8b84d5e04e44ffcef1b55cf2f4f02594c575ade30b5cb
c58837645af80e200806a1fc3a21979b3ab12903830fb7b54ddf30b58d2e30d0
c5bfa7c10bc5d4f1664e5c4a02fa48ee7ae2f1eebf572efc379a7c757ad81c23
c67b016da9140e2ad22751a94eeb3beb5d2c9e6c2ba99ed970bf2d6ee8c225df
c6a38edf49fc940d4c2fd1df449d5b3b69adfc7dfcaf287279fc730425750932
c6c2cebba0d227142e9efc2ede4d73a453bce2a60800bc620de966cb29933537
c994f317d1a0b1dc2a3d383f388190d7c262513e7f830a8d0e1ebb40b4cc62cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2bc2e5ffa4b7261c2ac1a6eceb1c454980dafd0e52ba285a3c8add76ce786b9
d6ca9968880b5ba3ea9724c53b4e78c2c85e9bc62e74c54f149c0b954fbe5135
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49013e2afc2de6bf861b213fef53f70ec2486a4a65df1a5c9a5d8ab31231da5
e687d22bf1af3b2bc38221f4e0916590ac636a86455170ab6de3128e7fa39b0d
e954aa8d98119b72b7482237d7fb4bb4f5f7e521ac076d5824e085ec3c9ae51f
ee292ae9f7b643b9bcf42da01fd7d96285b66c5f57a5f885a55f630d906465a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f531fc4b1981754b623942a77f8766cf715d205e0404c50b8ee0b15334fe34b3
f7ff41e59f1413fd5c8a8d34830c5af4defa6a9a6d5583ea4c97cc5df9d64810
f9a3aed1f008beb5b4d18b9451fa0c3aaa18d9a64e8698f47a783e8db8cd9621
fa33c257696cb6ac7481e6713ac847f3ef1e40bed0025cc46a746827b95ef048
fab541eb9da5a742c3f6c5c6840f2bea0a7b3c5a1df7e34dfe65e809ddd72ced
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ffb66e159093948f8dd57a1982ddad6573df743e1031f0e8242ac157309bd370

www.cluber.com.ua Open in urlscan Pro 136.243.78.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

79 %HTTPS

56 %IPv6

22 Domains

44 Subdomains

40 IPs

7 Countries

2463 kBTransfer

5526 kBSize

40 Cookies

9 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cluber.com.ua Open in urlscan Pro
136.243.78.100 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

79 %
HTTPS

56 %
IPv6

22
Domains

44
Subdomains

40
IPs

7
Countries

2463 kB
Transfer

5526 kB
Size

40
Cookies

182 HTTP transactions
5 data transactions