www.buhoblik.org.ua Open in urlscan Pro
2a06:6440:0:2d02::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://buhoblik.org.ua/
Effective URL:
https://www.buhoblik.org.ua/
Submission: On November 08 via api (November 8th 2022, 1:51:48 am UTC) from GB — Scanned from GB

Summary HTTP 160 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 11 countries across 26 domains to perform 160 HTTP transactions. The main IP is 2a06:6440:0:2d02::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is www.buhoblik.org.ua.
TLS certificate: Issued by R3 on October 3rd 2022. Valid for: 3 months.

This is the only time www.buhoblik.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	2a06:6440:0:2... 2a06:6440:0:2d02::1	200000 (UKRAINE-AS) (UKRAINE-AS)
1 1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
10	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	95.216.186.40 95.216.186.40	24940 (HETZNER-AS) (HETZNER-AS)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2001:41d0:602... 2001:41d0:602:3b8e::	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
23	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
10	34.111.35.152 34.111.35.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
15	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2404:6800:400... 2404:6800:4009:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4009:f::8	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
6	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 3	3.123.169.180 3.123.169.180	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.157.74 52.214.157.74	16509 (AMAZON-02) (AMAZON-02)
1 2	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
160	35

11 2a06:6440:0:2d02::1 (Ukraine) 2 redirects

ASN200000 (UKRAINE-AS, UA)

buhoblik.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.buhoblik.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.186.40 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.40.186.216.95.clients.your-server.de

xn--r1a.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:602:3b8e:: (France)

ASN16276 (OVH, FR)

avto-oblik.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2001:67c:4e8:f004::9 (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.111.35.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.35.111.34.bc.googleusercontent.com

cdn4.telegram-cdn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4009:828::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:f::8 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r3---sn-aigl6nzl.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.123.169.180 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-169-180.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.157.74 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-157-74.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.153 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	criteo.net static.criteo.net — Cisco Umbrella Rank: 782 pix.eu.criteo.net — Cisco Umbrella Rank: 5787 csm.eu.criteo.net — Cisco Umbrella Rank: 5892	572 KB
23	telegram.org telegram.org — Cisco Umbrella Rank: 7309	276 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	487 KB
16	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 35335 inv-nets.admixer.net — Cisco Umbrella Rank: 3593	201 KB
11	criteo.com 1 redirects rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14340 ads.eu.criteo.com — Cisco Umbrella Rank: 5761 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7537 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10346 bidder.criteo.com — Cisco Umbrella Rank: 866 gum.criteo.com — Cisco Umbrella Rank: 481 mug.criteo.com — Cisco Umbrella Rank: 1946	111 KB
11	buhoblik.org.ua 2 redirects buhoblik.org.ua www.buhoblik.org.ua	231 KB
10	telegram-cdn.org cdn4.telegram-cdn.org — Cisco Umbrella Rank: 24522	859 KB
9	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 320	61 KB
8	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	140 KB
5	pubmatic.com 5 redirects image8.pubmatic.com — Cisco Umbrella Rank: 886 image2.pubmatic.com — Cisco Umbrella Rank: 1407 image4.pubmatic.com — Cisco Umbrella Rank: 1503	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 415	2 KB
3	creativecdn.com 1 redirects prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5766 creativecdn.com — Cisco Umbrella Rank: 769	859 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	142 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 313	2 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 33513	1 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 2953 r3---sn-aigl6nzl.gvt1.com	712 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	2 KB
2	xn--r1a.website xn--r1a.website — Cisco Umbrella Rank: 534614	14 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 397	17 KB
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 85306	351 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 361	5 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 3745	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	700 B
1	avto-oblik.com.ua avto-oblik.com.ua	72 KB
1	google.com.ua 1 redirects www.google.com.ua — Cisco Umbrella Rank: 12496	320 B
160	26

	Domain	Requested by
23	telegram.org	xn--r1a.website telegram.org
15	pix.eu.criteo.net	ads.eu.criteo.com
15	static.criteo.net	ads.eu.criteo.com cdn.admixer.net
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	cdn4.telegram-cdn.org	xn--r1a.website
10	cdn.admixer.net	www.buhoblik.org.ua cdn.admixer.net
9	pagead2.googlesyndication.com	www.buhoblik.org.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	www.buhoblik.org.ua	www.buhoblik.org.ua
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	inv-nets.admixer.net	cdn.admixer.net www.buhoblik.org.ua
4	csm.eu.criteo.net	ads.eu.criteo.com
4	www.gstatic.com	www.buhoblik.org.ua googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	image8.pubmatic.com	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	bidder.criteo.com	static.criteo.net
2	creativecdn.com	1 redirects www.buhoblik.org.ua
2	ib.adnxs.com	1 redirects www.buhoblik.org.ua
2	r.scoota.co	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	csi.gstatic.com	www.gstatic.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	fonts.googleapis.com	googleads.g.doubleclick.net cdnjs.cloudflare.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	xn--r1a.website	www.buhoblik.org.ua telegram.org
2	ssl.google-analytics.com	www.buhoblik.org.ua
2	buhoblik.org.ua	2 redirects
1	mug.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	m.trafmag.com	www.buhoblik.org.ua
1	prebid-eu.creativecdn.com	cdn.admixer.net
1	r3---sn-aigl6nzl.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	avto-oblik.com.ua	www.buhoblik.org.ua
1	www.google.com.ua	1 redirects
160	45

This site contains no links.

Subject Issuer	Validity	Valid
www.buhoblik.org.ua R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
xn--r1a.website R3	`2022-10-23` - `2023-01-21`	3 months	crt.sh
www.avto-oblik.com.ua R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2022-08-10` - `2023-09-11`	a year	crt.sh
cdn4.telegram-cdn.org GTS CA 1D4	`2022-10-18` - `2023-01-16`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.buhoblik.org.ua/
Frame ID: 431DA38745CD2BEEE099096D213F6C27
Requests: 43 HTTP requests in this frame

Frame: https://xn--r1a.website/s/buhoblik_org_ua
Frame ID: ABE984F4D97F5F2140F750C9F9537FFB
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Frame ID: 0EBB8BAD94F17D7D448C8CD48A6A69F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301591&bpp=3&bdt=593&idt=145&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=8129897791964&frm=20&pv=2&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Wj63mZzOVO&p=https%3A//www.buhoblik.org.ua&dtd=161
Frame ID: C3E5890A1D59ED3495F94FD1BEA129B4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1667872300&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301607&bpp=2&bdt=609&idt=170&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=8129897791964&frm=20&pv=1&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hAI8soT1Iy&p=https%3A//www.buhoblik.org.ua&dtd=174
Frame ID: C9995FB4059FB606D26D2D2C3A29ECF5
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301616&bpp=3&bdt=618&idt=171&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&correlator=8129897791964&frm=20&pv=1&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ppF8Zoowsk&p=https%3A//www.buhoblik.org.ua&dtd=174
Frame ID: 557E7D3C2B4CC0BE7D130A75DF879461
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1667872300&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301623&bpp=1&bdt=625&idt=178&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C730x280&nras=1&correlator=8129897791964&frm=20&pv=1&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=1118543201&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=3&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=183
Frame ID: 688E0DC7AB7263B4B896B3072FC9DFCA
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2m2LQANU8cK4AOUAA49sooNWA9WCKPPNsIZOA&u=%7CyUOaHcNGfawmlRIYjJtAKYxXFDZWrXyNoFPOKN9qSuk%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvD2CBj6s_a0QN-swH87d7H9faEAwFe4YwrhqwhVPXPiLovG8uknaXM7PO33r3zIGZjc12qwhHLE9tU9tSKv5PlBcC2AE50Wm7VGHRSzvk2IaK7E_YTzSqcIo2m8yyCrPV8O5ZvWHQcbd6K8ir6tbxAY1GcYMi5NnVKuR9ULsLfpTly4I9mE_b7V3loVRpEf63U3VtLL8Xh5iP2aw8Y2K6eXS1q29OUfAZgsj5ChgfrUD5tSM5m-LQR210mVEdOpw4oc6CDWMFFhQn9kDcUZxIRtC69RDbIH-WbefVI4uaCX88AW9zkRv0VHDMdZRveJJPLSQRZsSANfJsN6m0AtGk2Hb2d1aMVLNePvvrnXz9BI8CPngk-gIx0dGWF1re0SICbSFBkIIT71jZVgpKTO41WjPyptzCS8SlxxFxc8cgSx97m3IyZNwtXCPtHhECEJydovbXg1cKczRwObqINNJIfmXalVyPUX6UEFVYheUWPhJl_uF3k6H_g_xhxztF-cafke1bF53hWa71VQi34ut0M6DtNbooLSc106kJ2CbenwHnmLEn1WMK-hatQvFh1f_Ma&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCViVZLbZpY8enNZSHgAey-7igCeSP0rFcn8_RkMcBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjXIAQmpAut484uMU7M-qAMBqgTpAU_Qr9-uSrBaMvnHSgXiCflS8v2je6kfme9pg71QOzpgj1mH-9jNJfFlARGHAX8T5zarSnZP4-5TPOrVPVQW6ZRqdxmGjkEXQEw52uOLJtDCp8KGM7eEITMn_0le4wCJPdjU6dEUhko3sc2lGCo6uahAcjwHfIHEXQnD9j7qAz0sTwXxvgs7aXR6DeUzP1ZgGNlDbL3myO_QApempu8sK3X2QHD2YNRsLvuncDBYLhWq4rBjRGF3Jg_c6BewFsW0aYsZDDKUZDzeJTUjt2NDCOr68YTJujwor6BQi02Bp4jelnc_v-O2WGWSgAaw5_uThp741FKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bty1nC5llfz7ZKUHfRnVTWmXuNg%26client%3Dca-pub-5630956766216465%26adurl%3D
Frame ID: A3FDAFD99B27EB3E710C0A3ADAC11A9E
Requests: 24 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 2E80171CC1880730A8257ADC4291A96A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 357C9D688B6DFEACA35A04E8DC02AC4E
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2m2LQANV3wIEfC5AAGlUDHjLTgzLHVBDAlHtA&u=%7CyUOaHcNGfayaoe8X%2ByPaPbjRbXncWP6H3EMq%2BIZg%2Fcw%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvD2CBj6s_a0QN-swH87d7H9Wb6OjsJXS8-Kw3RlaG__Tkd_Cighi7QozKK91jE5Vw29vgNMRUzYpnA_438AJ90Z2ZuCyXsgQY8NrQTK_L_CH4sru8HN5vwV-RyIGYhzRPP1J8sD4Zj5catYDCKJi2h8V_t08h7lMuOGtZ1tUW7dhBew0CF5iCvKt4d0qKKP20C9MJA8A9_rVX_1xEwZqrOxXgrXTM4iNtEYps9eF_-jTU5CyBm3IfMDSWNw93znS3j3B7B0r6QeytAuT2B6qVQoSGTAu4q1RqGggsYx6ifxOpK-UmcrhJO9OQ3pIDbvlyDC1A89N_aLJEWiAK4GoB0EfuBe3tnDmONvhL9IIER4fsM8Y38mXJU4avCpWASvSS-RVGjrXG0pZoaOaEzqKt4lj_UIxs9adx48y6O7164wIKKTqAO2OCFLgKvydjciFsf23FMnn6dqBnTqhbh8b5q8YhJrD8tzjtRZ4uZ-dNmRzUhpva6ectgKnke0FXjMA528nuk2kY2JCLZ-wYh0XA-lcR8ed2GFJrTkhcBKIAq-Mab1yDvxZoA-KK6Q6mEdspZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9PILbZpY_yuNbnhx_AP0MqGgAfkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi01NjMwOTU2NzY2MjE2NDY1yAEJqQLrePOLjFOzPqgDAaoE5AFP0EqZDed8dC4wDqws2wYr12cNlPF7YPAc_b18I0wd1M7f2cVmhbEUVmMUwzKDjW6tO0JdLkkR0mnbtm_N1WicCZRCjXK4J2LYcbOW9KKgkqwah5sNr_MARhyZ4TOpQY0TsHy4Hm2iHidvgQpjAOduAedLvJLWPQGrgLaiaVHm-xYd6oQdisqAlSGecDSywqsondo7q7eNHw6aTFjcd2x3nIZ3R19tVPcWgnU5QlaTcKdGbQXzdvDZLPqI7ApHRTgBb2C1CcwRu9uTrmssaYT-hMXHNyKnwOEBfXcCrLo1-3FD6ICABvzQk5e78qOP2QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1V4jFmiXzBNjVooaTxZGbbFGrNrw%26client%3Dca-pub-5630956766216465%26adurl%3D
Frame ID: 767088605E525B8EEDCB236DC4F4CB72
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Frame ID: 6F4ABD7E8C12D48B56D6149AE32EF8FD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.buhoblik.org.ua
Frame ID: 78CB57502F089F8AB3ADEFBE2311CCAC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 823B804090FFEBF395091DAD1A8A2941
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2457B3AB85EF5ECE26D40C3D1E8254C2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Бухучет в Украине : Бухгалтерский и налоговый учет

Page URL History Show full URLs

http://buhoblik.org.ua/ HTTP 301
https://buhoblik.org.ua/ HTTP 301
https://www.buhoblik.org.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

160
Requests

96 %
HTTPS

67 %
IPv6

26
Domains

45
Subdomains

35
IPs

11
Countries

3903 kB
Transfer

6613 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://buhoblik.org.ua/ HTTP 301
https://buhoblik.org.ua/ HTTP 301
https://www.buhoblik.org.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 111

https://redirector.gvt1.com/videoplayback?id=9e5d8bd04b972568&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1667879502&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=055D338E54E72C12CBCEE195C6C46D98E0894ED0.30113872E2E918ED8BF3956AE0730D2929D37C52&key=ck2 HTTP 302
https://r3---sn-aigl6nzl.gvt1.com/videoplayback?id=9e5d8bd04b972568&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1667879502&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=76F7A0F5A392B3E03D477D03FA47CDE7A2144FD9.30A7322A70C2C8654E559963151CA84C6CE41991&key=cms1&cms_redirect=yes&mh=7j&mip=2001:ac8:21:e::3&mm=28&mn=sn-aigl6nzl&ms=nvh&mt=1667872103&mv=m&mvi=3&pl=48

Request Chain 135

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkQ3MTNFMDktRjI5QS00MTVCLUE4QjgtOTYxRUUyRTAyN0VE&gdpr=0&gdpr_consent={consent} HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent} HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D2D713E09-F29A-415B-A8B8-961EE2E027ED HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=2D713E09-F29A-415B-A8B8-961EE2E027ED

Request Chain 136

https://x.bidswitch.net/sync?ssp=admixer&user_id=b6fcf27f620c46938391e960e53addb4&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=b6fcf27f620c46938391e960e53addb4&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=f6d49e2e-2f4e-42fb-99c9-ce895f312d6b&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=93ba96f9-79a3-49a9-8f27-a548f9d07f88&gdpr=&consent=&gdpr_pd=

Request Chain 137

https://ib.adnxs.com/setuid?entity=533&code=b6fcf27f620c46938391e960e53addb4 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Db6fcf27f620c46938391e960e53addb4

Request Chain 138

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 156

https://gum.criteo.com/sid/json?origin=publishertag&domain=buhoblik.org.ua&sn=ChromeSyncframe&so=0&topUrl=www.buhoblik.org.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jP0fp3xqMnBjMVRBQjl4ZlJBM2c3bERySW42OGZuZkljbmsxNHRTZFR1VE5zWE5ZeVpGU0RKbDh2amVkcmJlRWhza1R2R0JRWE4rWTBWazhyejFvams1bWE0SFFqS1JjWXVkZHhyNnpkWEZTRGhkbFg3YVJYczltekZ6NDRNOGppUmtzYzh1UnMrQWlJYUU5bm8yaTExZTZsR2tOT3lzM2pSWEVUMU9mWS9TNW5XSWxhczBaQXBGUGhFZFZpNDh1RzdaaE53UTFRaU9JbnlQWWJyRW9TbXhrS1Ard0o5cm9pQ2NLNW1pMFNoTnFUZDk5N3ZUZk9vOGhMT0QvNFlRRW5CMlhsTkhDRlNXQ2ticGNtaTA3ODNuMUxsZz09fA&cppv=2

160 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.buhoblik.org.ua/
Redirect Chain

http://buhoblik.org.ua/
https://buhoblik.org.ua/
https://www.buhoblik.org.ua/

85 KB
15 KB

318ms
239ms

Document
text/html

2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5d04a26fe5991b18e92a5815e5fc6cddb6437c9ea1dbe27fbba14066e40ae948

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
content-encoding: gzip
content-length: 15387
content-type: text/html; charset=utf-8
date: Tue, 08 Nov 2022 01:51:40 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Tue, 08 Nov 2022 01:51:40 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-ray: p953:0.173/wn25401:0.160/wa25401:D=165571

Redirect headers

cache-control: max-age=0
content-length: 236
content-type: text/html; charset=iso-8859-1
date: Tue, 08 Nov 2022 01:51:40 GMT
expires: Tue, 08 Nov 2022 01:51:40 GMT
location: https://www.buhoblik.org.ua/
server: nginx
x-ray: p953:0.010/wn25401:0.000/wa25401:D=3652

GET
H2 200 937d2c2ee43bca358b9b71d8167863c767f6a3e64cf2ba0703a7f07c0a987df3.css
www.buhoblik.org.ua/media/com_jchoptimize/cache/css/ 161 KB
23 KB 213ms
212ms Stylesheet
text/css 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buhoblik.org.ua/media/com_jchoptimize/cache/css/937d2c2ee43bca358b9b71d8167863c767f6a3e64cf2ba0703a7f07c0a987df3.css
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
x-ray: p953:0.000/wn25401:0.000/
content-encoding: br
last-modified: Sat, 15 Oct 2022 17:58:43 GMT
server: nginx
etag: W/"634af4d3-28387"
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 08 Dec 2022 01:51:41 GMT

GET
H2 200 937d2c2ee43bca358b9b71d8167863c7fe11058a8effe382178f5c9b88baefc8.js Show response
www.buhoblik.org.ua/media/com_jchoptimize/cache/js/ 137 KB
44 KB 293ms
293ms Script
application/javascript 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buhoblik.org.ua/media/com_jchoptimize/cache/js/937d2c2ee43bca358b9b71d8167863c7fe11058a8effe382178f5c9b88baefc8.js
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 377d27d86822418762eb956a7d4eec9823d6a9d3fd6f6d3ca0d63fdf374a0b69

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
x-ray: p953:0.000/wn25401:0.000/
content-encoding: br
last-modified: Sat, 15 Oct 2022 17:58:43 GMT
server: nginx
etag: W/"634af4d3-223b2"
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 08 Dec 2022 01:51:41 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

131ms
42ms

Script
text/javascript

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 08 Nov 2022 16:53:37 GMT

Redirect headers

date: Tue, 08 Nov 2022 01:51:41 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Tue, 08 Nov 2022 02:21:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 169ms
64ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c74ed85bbc0ae64417ce1529b4e2f5e0627981a2437d682d18f276878dc1597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55179
x-xss-protection: 0
server: cafe
etag: 12577002608489853637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 01:51:41 GMT

GET
H2 200 list_black.png
www.buhoblik.org.ua/images/ 417 B
634 B 74ms
73ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/list_black.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
x-ray: p953:0.000/wn25401:0.000/
last-modified: Thu, 27 Aug 2015 18:43:06 GMT
server: nginx
etag: "55df5a3a-1a1"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 417
expires: Thu, 08 Dec 2022 01:51:41 GMT

GET
H2 200 youtube-32.png
www.buhoblik.org.ua/images/ 918 B
1 KB 75ms
73ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/youtube-32.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
x-ray: p953:0.000/wn25401:0.000/
last-modified: Sat, 21 Mar 2020 22:41:20 GMT
server: nginx
etag: "5e769810-396"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 918
expires: Thu, 08 Dec 2022 01:51:41 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 145ms
62ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5630956766216465

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc24207e02e917343e229ac81dfb95975693aef4c1da036bcb8f5c1e17368040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Origin: https://www.buhoblik.org.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55159
x-xss-protection: 0
server: cafe
etag: 10327956303462470429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 01:51:41 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 735ms
114ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:39 GMT
server: nginx
etag: W/"63049f2f-2c101"
x-cached-since: 2022-11-08T01:50:43+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Tue, 23 Aug 2022 09:45:59 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Nov 2022 01:51:04 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 37
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 08 Nov 2022 03:51:04 GMT

GET
H2 200 module-main3.png
www.buhoblik.org.ua/images/ 70 KB
70 KB 73ms
72ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/module-main3.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
x-ray: p953:0.000/wn25401:0.000/
last-modified: Sun, 13 Feb 2022 17:15:45 GMT
server: nginx
etag: "62093cc1-11743"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 71491
expires: Thu, 08 Dec 2022 01:51:41 GMT

GET
H/1.1 200
OK buhoblik_org_ua Show response
xn--r1a.website/s/ Frame ABE9 98 KB
13 KB 557ms
361ms Document
text/html 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--r1a.website/s/buhoblik_org_ua

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

4af5ac3969cc9c02051e764dfe344562f0ea9ab2b2d07f19d504454c8246ca9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-control: no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Nov 2022 01:51:42 GMT
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=35768000
Transfer-Encoding: chunked

GET
H2 200 num_star.png
www.buhoblik.org.ua/images/ 2 KB
2 KB 205ms
204ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/num_star.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
x-ray: p953:0.011/wn25401:0.000/
last-modified: Tue, 03 Jan 2017 22:58:31 GMT
server: nginx
etag: "586c2c97-652"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1618
expires: Thu, 08 Dec 2022 01:51:41 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/ 353 KB
116 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45dc2c74defcfb43d6cffe89888701b72418edb91e77c32d1a0c7aa8d235889b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119048
x-xss-protection: 0
server: cafe
etag: 7081156420943954729
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 01:51:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame 0EBB 10 KB
5 KB 127ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 49440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 12:07:41 GMT
etag: 2424782735605397694
expires: Mon, 21 Nov 2022 12:07:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pdf-sborniki-vnizu-115-2022.png
avto-oblik.com.ua/images/ 72 KB
72 KB 230ms
58ms Image
image/png 2001:41d0:602:3b8e::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avto-oblik.com.ua/images/pdf-sborniki-vnizu-115-2022.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:602:3b8e:: , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
x-ray: wn37539:0.000/
last-modified: Mon, 27 Dec 2021 15:47:26 GMT
server: nginx
etag: "61c9e00e-1201c"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 73756
expires: Thu, 08 Dec 2022 01:51:41 GMT

GET
H2 200 dovidnik-buhgaltera-238.png
www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/ 16 KB
16 KB 235ms
234ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/dovidnik-buhgaltera-238.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
x-ray: p953:0.000/wn25401:0.000/
last-modified: Wed, 26 Jul 2017 08:14:12 GMT
server: nginx
etag: "59784f54-3eb3"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16051
expires: Thu, 08 Dec 2022 01:51:41 GMT

GET
H2 200 sidebar-uchet-2021.png
www.buhoblik.org.ua/images/ 58 KB
58 KB 235ms
235ms Image
image/png 2a06:6440:0:2d02::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buhoblik.org.ua/images/sidebar-uchet-2021.png
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 6a82502c1baab28ba6f410aa012fff53bd4f01d8de430e54589e583a0dc3ce80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
x-ray: p953:0.000/wn25401:0.000/
last-modified: Wed, 06 Apr 2022 09:28:41 GMT
server: nginx
etag: "624d5d49-e758"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 59224
expires: Thu, 08 Dec 2022 01:51:41 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 128ms
47ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1041089324&utmhn=www.buhoblik.org.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&utmhid=1902366401&utmr=-&utmp=%2F&utmht=1667872301711&utmac=UA-23922474-1&utmcc=__utma%3D21695912.541101146.1667872302.1667872302.1667872302.1%3B%2B__utmz%3D21695912.1667872302.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1495868425&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 01:51:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
700 B 167ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.buhoblik.org.ua&callback=_gfp_s_&client=ca-pub-5630956766216465&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ad3781ddc14dbfeb4ceab05fa2a620dc59557c8f4fa2db4a9ef19ced3228779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 176ms
50ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.buhoblik.org.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 159ms
52ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.buhoblik.org.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C3E5 23 KB
10 KB 764ms
680ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301591&bpp=3&bdt=593&idt=145&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=8129897791964&frm=20&pv=2&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Wj63mZzOVO&p=https%3A//www.buhoblik.org.ua&dtd=161

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd7de43814562f0070a51ec0b52807927c6e35baa26a6fe0688b0c536e78e125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9889
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 01:51:42 GMT
expires: Tue, 08 Nov 2022 01:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C999 109 KB
36 KB 519ms
462ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1667872300&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301607&bpp=2&bdt=609&idt=170&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=8129897791964&frm=20&pv=1&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hAI8soT1Iy&p=https%3A//www.buhoblik.org.ua&dtd=174

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0035cf9e86c4aad513f043428611de9dd9325316247e0ac7516c6fb8d3cf6715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36877
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 01:51:42 GMT
expires: Tue, 08 Nov 2022 01:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 557E 23 KB
10 KB 332ms
284ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301616&bpp=3&bdt=618&idt=171&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&correlator=8129897791964&frm=20&pv=1&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ppF8Zoowsk&p=https%3A//www.buhoblik.org.ua&dtd=174

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67c87f81d09ca17158df34e8f41945696a59a07e3e4e642725e68ae127faa980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9839
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 01:51:42 GMT
expires: Tue, 08 Nov 2022 01:51:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 688E 0
19 B 83ms
51ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1667872300&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301623&bpp=1&bdt=625&idt=178&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C730x280&nras=1&correlator=8129897791964&frm=20&pv=1&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=1118543201&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=3&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=183

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 01:51:41 GMT
expires: Tue, 08 Nov 2022 01:51:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 557E 3 KB
1 KB 140ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301616&bpp=3&bdt=618&idt=171&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&correlator=8129897791964&frm=20&pv=1&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ppF8Zoowsk&p=https%3A//www.buhoblik.org.ua&dtd=174

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 09:41:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 09:41:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 557E 17 KB
8 KB 135ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 09:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 09:41:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 557E 154 KB
48 KB 158ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667824238049716"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 01:51:42 GMT

GET
H2 200 font-roboto.css
telegram.org/css/ Frame ABE9 6 KB
894 B 155ms
43ms Stylesheet
text/css 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/font-roboto.css?1

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: W/"63512b7d-1816"
content-type: text/css
cache-control: max-age=345600
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 widget-frame.css
telegram.org/css/ Frame ABE9 86 KB
22 KB 197ms
86ms Stylesheet
text/css 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/widget-frame.css?63

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

803df509fe55bade6e1d161b961ff9c59c6645daa104e41b453ca014628d7994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: W/"63512b7d-15800"
content-type: text/css
cache-control: max-age=345600
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 telegram-web.css
telegram.org/css/ Frame ABE9 30 KB
8 KB 200ms
89ms Stylesheet
text/css 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/css/telegram-web.css?35

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9b1e68362961b7641e00727d943f8b3104889789fca2f38ddd5a9367619f75f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sun, 09 Oct 2022 13:18:38 GMT
server: nginx/1.18.0
etag: W/"6342ca2e-79e7"
content-type: text/css
cache-control: max-age=345600
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 ETfM-4wqSiYt4sk2XT9LD85E_7dgux3gQ7HTMZSxTO-WokqfqChg6594Pg8vPp2ZXHGHnRZPOH4ej8xtuVYa6BeNs3nT9xYmird9oBRJQmJxJR2QXw-Q350iZTFIq1Y77OgWaGch2DXWVrZbaf6KGC9kzxka6IhpeDLaMamoQZ28k9HmCF26nVL6K84WJoLWUJk3-...
cdn4.telegram-cdn.org/file/ Frame ABE9 5 KB
5 KB 112ms
45ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/ETfM-4wqSiYt4sk2XT9LD85E_7dgux3gQ7HTMZSxTO-WokqfqChg6594Pg8vPp2ZXHGHnRZPOH4ej8xtuVYa6BeNs3nT9xYmird9oBRJQmJxJR2QXw-Q350iZTFIq1Y77OgWaGch2DXWVrZbaf6KGC9kzxka6IhpeDLaMamoQZ28k9HmCF26nVL6K84WJoLWUJk3-Ur_VhH63D-6CzH-sediF2k6IFOvmMiEPfH5yPmzptM2dHqYq1VjzCFSJy0VMIgqS6zXh3HleqhlNFwHlc-P16umKkVB-fVuio2DivCcgmdMESmuBrgWMVN5auM5P-G_BS8cEYC6Lunn0Y2ojQ.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

1da67e20c0a4ac1486f38f01e01cdb805992a3f857ef49dccd9529e6b7571d0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4611
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "c306c2f92fde71f3d8b7f957309116d3efaf27c1"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 jquery.min.js Show response
telegram.org/js/ Frame ABE9 94 KB
38 KB 48ms
47ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/jquery.min.js

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-1762a"
content-type: application/javascript
cache-control: max-age=345600
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 jquery-ui.min.js Show response
telegram.org/js/ Frame ABE9 96 KB
32 KB 89ms
89ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/jquery-ui.min.js

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 17:54:14 GMT
server: nginx/1.18.0
etag: W/"5a05e7c6-181a9"
content-type: application/javascript
cache-control: max-age=345600
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 tgwallpaper.min.js Show response
telegram.org/js/ Frame ABE9 3 KB
2 KB 87ms
85ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/tgwallpaper.min.js?3

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 19:57:25 GMT
server: nginx/1.18.0
etag: W/"62211da5-ba3"
content-type: application/javascript
cache-control: max-age=345600
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 tgsticker.js Show response
telegram.org/js/ Frame ABE9 24 KB
7 KB 87ms
86ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/tgsticker.js?29

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

dd6e691a27d07125e04993917cfb3f75ac9d8926f6b66d7c2e45368aa130e660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 21:52:44 GMT
server: nginx/1.18.0
etag: W/"62bcc9ac-5faf"
content-type: application/javascript
cache-control: max-age=345600
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 widget-frame.js Show response
telegram.org/js/ Frame ABE9 91 KB
25 KB 88ms
87ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/widget-frame.js?60

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

b4dc7118464c434f7caac42fd0535dac1102dfcace0feb4c35e3bb29594b14c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sat, 08 Oct 2022 23:46:30 GMT
server: nginx/1.18.0
etag: W/"63420bd6-16c85"
content-type: application/javascript
cache-control: max-age=345600
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 telegram-web.js Show response
telegram.org/js/ Frame ABE9 12 KB
4 KB 88ms
87ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/telegram-web.js?14

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e4b7033bdd850b9dd9847fb31e63627e352e38a3cb5cf5a483ca3d2cc1093c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 10:32:52 GMT
server: nginx/1.18.0
etag: W/"62345fd4-2e63"
content-type: application/javascript
cache-control: max-age=345600
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 557E 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC_iTLbZpY8enNZSHgAey-7igCeSP0rFcn8_RkMcBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjXIAQmpAut484uMU7M-qAMBqgTmAU_Qr9-uSrBaMvnHSgXiCflS8v2je6kfme9pg71QOzpgj1mH-9jNJfFlARGHAX8T5zarSnZP4-5TPOrVPVQW6ZRqdxmGjkEXQEw52uOLJtDCp8KGM7eEITMn_0le4wCJPdjU6dEUhko3sc2lGCo6uahAcjwHfIHEXQnD9j7qAz0sTwXxvgs7aXR6DeUzP1ZgGNlDbL3myO_QApempu8sK3X2QHD2YNRsLvuncDBYLhWq4rBjRGF3Jg_c6BewFsW0ackbLaBHxs7btscsL-AnlEH55Y51sBIwdC7L79EgGJbyjqa4VeYlgAaw5_uThp741FKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU2MzA5NTY3NjYyMTY0NjUYAA&sigh=R-6CSQr7Hrg&uach_m=[UACH]&cid=CAQSGwDq26N9i0-2CZoPnP-MK9PytTh5s7bg0R9YtBgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301616&bpp=3&bdt=618&idt=171&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&correlator=8129897791964&frm=20&pv=1&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ppF8Zoowsk&p=https%3A//www.buhoblik.org.ua&dtd=174
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Nov 2022 01:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Nov 2022 01:51:42 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 557E 0
0 115ms
36ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqDOFL_6RNoFmAKH-lcYAgAAAO5igEQ3rr8m2nHJuhAstmljk3834AynXVat_h4AEgAA&wp=Y2m2LQANU8cK4AOUAA49sooNWA9WCKPPNsIZOA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 266954
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A3FD 197 KB
56 KB 221ms
133ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2m2LQANU8cK4AOUAA49sooNWA9WCKPPNsIZOA&u=%7CyUOaHcNGfawmlRIYjJtAKYxXFDZWrXyNoFPOKN9qSuk%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvD2CBj6s_a0QN-swH87d7H9faEAwFe4YwrhqwhVPXPiLovG8uknaXM7PO33r3zIGZjc12qwhHLE9tU9tSKv5PlBcC2AE50Wm7VGHRSzvk2IaK7E_YTzSqcIo2m8yyCrPV8O5ZvWHQcbd6K8ir6tbxAY1GcYMi5NnVKuR9ULsLfpTly4I9mE_b7V3loVRpEf63U3VtLL8Xh5iP2aw8Y2K6eXS1q29OUfAZgsj5ChgfrUD5tSM5m-LQR210mVEdOpw4oc6CDWMFFhQn9kDcUZxIRtC69RDbIH-WbefVI4uaCX88AW9zkRv0VHDMdZRveJJPLSQRZsSANfJsN6m0AtGk2Hb2d1aMVLNePvvrnXz9BI8CPngk-gIx0dGWF1re0SICbSFBkIIT71jZVgpKTO41WjPyptzCS8SlxxFxc8cgSx97m3IyZNwtXCPtHhECEJydovbXg1cKczRwObqINNJIfmXalVyPUX6UEFVYheUWPhJl_uF3k6H_g_xhxztF-cafke1bF53hWa71VQi34ut0M6DtNbooLSc106kJ2CbenwHnmLEn1WMK-hatQvFh1f_Ma&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCViVZLbZpY8enNZSHgAey-7igCeSP0rFcn8_RkMcBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjXIAQmpAut484uMU7M-qAMBqgTpAU_Qr9-uSrBaMvnHSgXiCflS8v2je6kfme9pg71QOzpgj1mH-9jNJfFlARGHAX8T5zarSnZP4-5TPOrVPVQW6ZRqdxmGjkEXQEw52uOLJtDCp8KGM7eEITMn_0le4wCJPdjU6dEUhko3sc2lGCo6uahAcjwHfIHEXQnD9j7qAz0sTwXxvgs7aXR6DeUzP1ZgGNlDbL3myO_QApempu8sK3X2QHD2YNRsLvuncDBYLhWq4rBjRGF3Jg_c6BewFsW0aYsZDDKUZDzeJTUjt2NDCOr68YTJujwor6BQi02Bp4jelnc_v-O2WGWSgAaw5_uThp741FKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bty1nC5llfz7ZKUHfRnVTWmXuNg%26client%3Dca-pub-5630956766216465%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ad3b8591ce06628ac4b723889894eacc632ce12ee10fd59ae7949d343cc47267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 01:51:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=o_5AZhxB7Gu3UAaBiz37hHo3mqiTj9bJydLxN8Ugh2EAewCXw2ozuakjY5WRFhQx1AQv0FbcUBFak0pzhSi8-IOBK2JJmTdLuExZ2lsBE1JgaesakvaCNKGwS8ryZIXNaitRJ6Fr0PAmo7XrokH2eutHGNMjm6g7hEpOS5QQ1-X2rd0YYLK_IT806Z6jznXKpqqz3Fe6rsdWMkJdXH_tgN84FwJRl7Xy_7qfrZtngAg2tBXw25xw3ogANJHOvjNn8HKg_A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 97003768
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 557E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a21aa9b84dd8ba15bb105cc6f80e2b17b18b42b3a1056d3f9a0b9ee0f99948e0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6ab016790426e7d037bac2fbd741d34d.js Show response
www.gstatic.com/mysidia/ Frame C999 9 KB
4 KB 125ms
41ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ab016790426e7d037bac2fbd741d34d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1667872300&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301607&bpp=2&bdt=609&idt=170&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=8129897791964&frm=20&pv=1&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hAI8soT1Iy&p=https%3A//www.buhoblik.org.ua&dtd=174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13697b2938b3527230451d30c39cd2212348f6e36d5c6f2bd373c57bd153cad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4168
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 22:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 08:51:22 GMT

GET
H3 200 fae9281d7676db9a8afd767185428220.js Show response
www.gstatic.com/mysidia/ Frame C999 136 KB
50 KB 126ms
43ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae9281d7676db9a8afd767185428220.js?tag=video_mra/web_raspberry

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ea1cf0536ecea857deddeeed195fb49ba0cd3331fccebf690bdcdb422ec17e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 21:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51426
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 20:40:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 21:41:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C999 13 KB
1 KB 140ms
51ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 00:55:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Nov 2022 01:51:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame C999 2 KB
765 B 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 09:41:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 09:41:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame C999 23 KB
9 KB 128ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 09:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 09:41:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame C999 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 09:41:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 09:41:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame C999 17 KB
7 KB 125ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 09:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 09:41:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C999 154 KB
47 KB 134ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667824238049716"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 01:51:42 GMT

GET
H3 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame C999 34 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 20:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 22:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 20:18:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ Frame ABE9 11 KB
11 KB 133ms
44ms Font
application/octet-stream 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by: Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer: https://telegram.org/css/font-roboto.css?1
Origin: https://xn--r1a.website
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-2b14"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 11028
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
telegram.org/fonts/Roboto/ Frame ABE9 11 KB
11 KB 177ms
88ms Font
application/octet-stream 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by: Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Request headers

Referer: https://telegram.org/css/font-roboto.css?1
Origin: https://xn--r1a.website
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-2b40"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 11072
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
telegram.org/fonts/Roboto/ Frame ABE9 6 KB
7 KB 173ms
88ms Font
application/octet-stream 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
Requested by: Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3e70e149a35f394bb78ef7842de11a06359fed7828f30331594a28d196c54012

Request headers

Referer: https://telegram.org/css/font-roboto.css?1
Origin: https://xn--r1a.website
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-19e8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 6632
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A3FD 2 KB
1 KB 110ms
36ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2m2LQANU8cK4AOUAA49sooNWA9WCKPPNsIZOA&u=%7CyUOaHcNGfawmlRIYjJtAKYxXFDZWrXyNoFPOKN9qSuk%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvD2CBj6s_a0QN-swH87d7H9faEAwFe4YwrhqwhVPXPiLovG8uknaXM7PO33r3zIGZjc12qwhHLE9tU9tSKv5PlBcC2AE50Wm7VGHRSzvk2IaK7E_YTzSqcIo2m8yyCrPV8O5ZvWHQcbd6K8ir6tbxAY1GcYMi5NnVKuR9ULsLfpTly4I9mE_b7V3loVRpEf63U3VtLL8Xh5iP2aw8Y2K6eXS1q29OUfAZgsj5ChgfrUD5tSM5m-LQR210mVEdOpw4oc6CDWMFFhQn9kDcUZxIRtC69RDbIH-WbefVI4uaCX88AW9zkRv0VHDMdZRveJJPLSQRZsSANfJsN6m0AtGk2Hb2d1aMVLNePvvrnXz9BI8CPngk-gIx0dGWF1re0SICbSFBkIIT71jZVgpKTO41WjPyptzCS8SlxxFxc8cgSx97m3IyZNwtXCPtHhECEJydovbXg1cKczRwObqINNJIfmXalVyPUX6UEFVYheUWPhJl_uF3k6H_g_xhxztF-cafke1bF53hWa71VQi34ut0M6DtNbooLSc106kJ2CbenwHnmLEn1WMK-hatQvFh1f_Ma&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCViVZLbZpY8enNZSHgAey-7igCeSP0rFcn8_RkMcBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjXIAQmpAut484uMU7M-qAMBqgTpAU_Qr9-uSrBaMvnHSgXiCflS8v2je6kfme9pg71QOzpgj1mH-9jNJfFlARGHAX8T5zarSnZP4-5TPOrVPVQW6ZRqdxmGjkEXQEw52uOLJtDCp8KGM7eEITMn_0le4wCJPdjU6dEUhko3sc2lGCo6uahAcjwHfIHEXQnD9j7qAz0sTwXxvgs7aXR6DeUzP1ZgGNlDbL3myO_QApempu8sK3X2QHD2YNRsLvuncDBYLhWq4rBjRGF3Jg_c6BewFsW0aYsZDDKUZDzeJTUjt2NDCOr68YTJujwor6BQi02Bp4jelnc_v-O2WGWSgAaw5_uThp741FKgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bty1nC5llfz7ZKUHfRnVTWmXuNg%26client%3Dca-pub-5630956766216465%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame A3FD 2 KB
1 KB 110ms
37ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A3FD 308 B
636 B 37ms
36ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A3FD 293 B
621 B 36ms
35ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame A3FD 43 B
348 B 202ms
39ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=XY72SVtXm_-K3V6-0jENPTdceZKC2BNrietZ9MqNgMQFsEA983qkOjzRhOmYBmco9Jh1nFj6cWv1-b1m05bynSjiEHQl1-kiRGkv8zEKacL71OxPZYcM4CkTncMsO-xZPGLwyjW7B-zONrsra7Zq7HKmkhvSyOfzPPYWHxEurw4gH1XhCmivA7yLR5csiQC0lDM0oy1DHNpFsG5xIZWW_Z9lDeUqAMkn_jq56Sf1qUNtIpwywztHkPkpGU3IcqIiKInfSqZ9YRg4qqOmC2-2j5S2UwZJ-3gJG6pvWM8rJ-77XGA8MiHRbtesqelRv5dFuvHFul_KI5aR_XHjbZhQDX7TdybjRFYGFGa3x31-tInXv6NLE_P85p68s5T08jRoVdnw5-AUETfdOmG4hS8labdggBcH5JK13NlfJPf_rNYfL0XH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3396059
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 Bzi4b8Yz7KFRXgISY1-X1yMkSLc2jERJjK0pQNLrHMLZRdk2jghjEl18hWRx_RBvCynRiErSANENo5HJG8CCj0Os2v_hE1ppZ-BMdA1TQ2vB4g9PVYN6t-ADLXBnvobOsGExqI1hat8YEBLhJpjHDVDhGGbCy6jBo1VlFerBcnW7lX1-SCIXAEV4afid3t77y820_...
cdn4.telegram-cdn.org/file/ Frame ABE9 71 KB
71 KB 58ms
55ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/Bzi4b8Yz7KFRXgISY1-X1yMkSLc2jERJjK0pQNLrHMLZRdk2jghjEl18hWRx_RBvCynRiErSANENo5HJG8CCj0Os2v_hE1ppZ-BMdA1TQ2vB4g9PVYN6t-ADLXBnvobOsGExqI1hat8YEBLhJpjHDVDhGGbCy6jBo1VlFerBcnW7lX1-SCIXAEV4afid3t77y820_6DMTss9Hh6G6uv_bN6fXOWRm15mUjzMEhlXVyETfZsA3ALiUoVu4Fl72jIzPqkEACtsgIAJTHxMwewLH9IlXDKlTgrhnd7I6BoPrGRyP9Zbh1bMbgQPAuaOVGQmGpCzHCkwFdMbeb5FDhv71w.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

dabffe4a0b71d6abf83cc82c3ed7fcda4cc3582a4197e026117f2dc99c1dde3c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72546
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "abb30017fd4e5d5179d0189b465a263e33c2a12d"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
DATA 200
OK truncated
/ Frame ABE9 683 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f40990683165a6c0b9eabab4ffbb1b6a2fb9617b2fe3101ee64299245dfe743

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 E280BC.png
telegram.org/img/emoji/40/ Frame ABE9 1 KB
1 KB 46ms
45ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/emoji/40/E280BC.png
Requested by: Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4a003dc58f3e95a18e44712b9161181319e6a40613242cbcac158f6dc8d7339d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Fri, 01 Nov 2019 00:04:50 GMT
server: nginx/1.18.0
etag: "5dbb76a2-4a6"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 1190
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 E28FB1.png
telegram.org/img/emoji/40/ Frame ABE9 3 KB
4 KB 46ms
45ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/emoji/40/E28FB1.png
Requested by: Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: b7b093955e7487be1bbec86d8a7ab2012c4716b5cf31b2b6df500edc04c06255

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Fri, 01 Nov 2019 00:04:50 GMT
server: nginx/1.18.0
etag: "5dbb76a2-d5a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 3418
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 F09F9385.png
telegram.org/img/emoji/40/ Frame ABE9 2 KB
2 KB 46ms
45ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/emoji/40/F09F9385.png
Requested by: Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 5abe4ec1b14120ec963c7bec8267ed0bbdcd52694f48daf0f1a57279748a1c6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Fri, 01 Nov 2019 00:04:50 GMT
server: nginx/1.18.0
etag: "5dbb76a2-7f3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 2035
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
telegram.org/fonts/Roboto/ Frame ABE9 6 KB
7 KB 117ms
89ms Font
application/octet-stream 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by: Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 41b5c3b25f4258190937deb900fa57a6db6d450ce7dd2af2259af760119a1c41

Request headers

Referer: https://telegram.org/css/font-roboto.css?1
Origin: https://xn--r1a.website
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Thu, 20 Oct 2022 11:05:33 GMT
server: nginx/1.18.0
etag: "63512b7d-193c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 6460
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/49044/ Frame 2E80 738 B
518 B 104ms
103ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Tue, 08 Nov 2022 01:51:42 GMT
etag: W/"63049f42-2e2"
expires: Sat, 04 Nov 2023 12:31:52 GMT
last-modified: Tue, 23 Aug 2022 09:34:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-11-03T12:31:52+00:00
x-id: fr5-up-gc36

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/49044/ 23 KB
8 KB 109ms
108ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:56 GMT
server: nginx
etag: W/"63049f40-5d41"
vary: Accept-Encoding
x-cached-since: 2022-10-13T19:25:04+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 14 Oct 2023 19:25:04 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/49044/ 75 KB
20 KB 118ms
117ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:45 GMT
server: nginx
etag: W/"63049f35-12c39"
vary: Accept-Encoding
x-cached-since: 2022-11-04T14:08:09+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sun, 05 Nov 2023 14:08:09 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/49044/ Frame 357C 738 B
405 B 110ms
109ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Tue, 08 Nov 2022 01:51:42 GMT
etag: W/"63049f42-2e2"
expires: Sat, 04 Nov 2023 12:31:52 GMT
last-modified: Tue, 23 Aug 2022 09:34:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-11-03T12:31:52+00:00
x-id: fr5-up-gc36

GET
H2 200 E29C85.png
telegram.org/img/emoji/40/ Frame ABE9 2 KB
2 KB 45ms
44ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/emoji/40/E29C85.png
Requested by: Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: d097bda59092b06b5bb3051bbef1791e8a7fc533a5aa62e40e898b3ec9308249

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Fri, 01 Nov 2019 00:04:50 GMT
server: nginx/1.18.0
etag: "5dbb76a2-666"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 1638
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 F09F92BB.png
telegram.org/img/emoji/40/ Frame ABE9 2 KB
2 KB 45ms
45ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/emoji/40/F09F92BB.png
Requested by: Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 26345a9625172670562d7ab2395db6bd15311e0f6cf5e66f2b4478bd994a7f6d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Fri, 01 Nov 2019 00:04:50 GMT
server: nginx/1.18.0
etag: "5dbb76a2-71b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 1819
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame C3E5 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301591&bpp=3&bdt=593&idt=145&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=8129897791964&frm=20&pv=2&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Wj63mZzOVO&p=https%3A//www.buhoblik.org.ua&dtd=161

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 09:41:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 09:41:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame C3E5 17 KB
7 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301591&bpp=3&bdt=593&idt=145&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=8129897791964&frm=20&pv=2&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Wj63mZzOVO&p=https%3A//www.buhoblik.org.ua&dtd=161

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 09:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Nov 2022 09:41:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3E5 154 KB
47 KB 52ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301591&bpp=3&bdt=593&idt=145&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=8129897791964&frm=20&pv=2&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Wj63mZzOVO&p=https%3A//www.buhoblik.org.ua&dtd=161

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667824238049716"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 01:51:42 GMT

GET
H3 200 fDk6kzhBQ0DeRyPvgjAMPrQKYVZ6f0j9VCABcUUeVMNl-dCYGPnRiz1tkg8nJpZMr8mvKtzAJmdiIW2fgSVDT3ghb6V7igOifuSreSDY-Oz5OQ4-g98If3SxohN86n5tcgErl1p3uoRR95UjTMOL5iY-TSW6-ht4V-AjJRAHOIEWjcK_VvPOXcBOJQ_OfPU1RPOtV...
cdn4.telegram-cdn.org/file/ Frame ABE9 111 KB
111 KB 181ms
119ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/fDk6kzhBQ0DeRyPvgjAMPrQKYVZ6f0j9VCABcUUeVMNl-dCYGPnRiz1tkg8nJpZMr8mvKtzAJmdiIW2fgSVDT3ghb6V7igOifuSreSDY-Oz5OQ4-g98If3SxohN86n5tcgErl1p3uoRR95UjTMOL5iY-TSW6-ht4V-AjJRAHOIEWjcK_VvPOXcBOJQ_OfPU1RPOtVTy-U8WwPlC4oPOeBwuMCxjz6ICPl8RHLVDyKsrObjm1frisDfwfdOOjbBt8AVIe8HjqqxRVXfPU4Zli5DE2AOG69U4x0LG2gF-MveJ5fMHESMhoUdxv-rrO1oYO3WG9t_dWcUd0C2hg038h4Q.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

3ab6bdc45b9e7ecded30d4f1c7b2215e990f446f331d3b646dffd6bb2c081c1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114107
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "776bbe9870fa58d9602df6d056a2227030b36098"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 E28FB0.png
telegram.org/img/emoji/40/ Frame ABE9 4 KB
4 KB 45ms
43ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/emoji/40/E28FB0.png
Requested by: Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 32ae77196cf412d763b87b2aa85b038f536201a0df7164ed74581402b4733511

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Fri, 01 Nov 2019 00:04:50 GMT
server: nginx/1.18.0
etag: "5dbb76a2-10e4"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 4324
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H3 200 STCwgkfTpoxxTnWDa9szuYoSLImvkCjmin7JEqGFcxQk8cZ0hSny-9P0jK0CzQOZXCnN2_gD-sWA38nr1MK7ahxUFbgJbc-4UmqlGqagHCM78ddCZIKEyD3-TX-fztPVuPQ4P6gdeH8K2lfQYKWCfGP1YPXYiVfMBVitnxNf1uwr_G2xr5Vx0GSYCFYo3KYO0d6UN...
cdn4.telegram-cdn.org/file/ Frame ABE9 74 KB
74 KB 176ms
115ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/STCwgkfTpoxxTnWDa9szuYoSLImvkCjmin7JEqGFcxQk8cZ0hSny-9P0jK0CzQOZXCnN2_gD-sWA38nr1MK7ahxUFbgJbc-4UmqlGqagHCM78ddCZIKEyD3-TX-fztPVuPQ4P6gdeH8K2lfQYKWCfGP1YPXYiVfMBVitnxNf1uwr_G2xr5Vx0GSYCFYo3KYO0d6UN52-lcbtFP82mR0GIVoJnN1LnFI0kcWPZtqE_rgb_voSRtgu3H5QRaJE2SOteqa_zX746yDXd8sG4C_7Izxje2sMdiFVSkYY2XuNVf31mKo33tTCZam1yDJ8c_osD5B3NTlN21f1hFnYi9kQIg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

1d08840a75c155fca6642bcc3d7ecc34497f6e0d19d030b1f2e0e249c753cfa3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75518
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "b6ef20de73f0107d5f6e8727b2951a9fcf7b3174"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H3 200 rSL_9XkeX4NnzK60X6tem7ExlWWcf7cNz7_6ydgaQEe-NnnCMMjzs54oIw_QJm2YXroi9rZhIGmS_Fh1f1p5zm2PIR3Z1HqxZny4Z_b6xMIK2qlWEfAz0UcxNMOLG_WEPT7BL-oLBZMcfYZ-qhh7n4p7o36_FIAUFSSskn9kHD10TcX-F04VazcyL1JdWuzLflocf...
cdn4.telegram-cdn.org/file/ Frame ABE9 59 KB
59 KB 141ms
80ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/rSL_9XkeX4NnzK60X6tem7ExlWWcf7cNz7_6ydgaQEe-NnnCMMjzs54oIw_QJm2YXroi9rZhIGmS_Fh1f1p5zm2PIR3Z1HqxZny4Z_b6xMIK2qlWEfAz0UcxNMOLG_WEPT7BL-oLBZMcfYZ-qhh7n4p7o36_FIAUFSSskn9kHD10TcX-F04VazcyL1JdWuzLflocfzusB8Su4W7rKwtkvAq7z70qbpv18PM1_t2M2MhXcwLre5a3ezhzO0VmXlxFF1Uuz6FciEaf9A6zlGkJvO4r3SVACEnwdRHju2X5gPs0VELYADeEaXX5iKSCehvu6j1hTRcUnbyj_IWkmP_ZhA.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

536dab3f6cefa51f81e172ead35c79e2de704da110f4ee6e8286c3fa782467f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60176
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "d8a30d193d651c7f503ab8ed688505e5c21a7241"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 E296B6.png
telegram.org/img/emoji/40/ Frame ABE9 2 KB
2 KB 45ms
43ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/emoji/40/E296B6.png
Requested by: Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: cf834601aa3e59f6a61453790dc88447b3d3910cc297be5f7891c41cc0ca21e9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Fri, 01 Nov 2019 00:04:50 GMT
server: nginx/1.18.0
etag: "5dbb76a2-67a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 1658
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H3 200 fgVd_lX5BQXZeC1kOlIfSUQyTgOCVwGqa5OhTksajvAeEpCm7bkxjKWtzfmRRJiCVrgEbzUdCwzxKlgJe97-yIRZ2vsWYeYoI2syVijs02wrIfw8UhxKm1lN9D5Ds5fiqu124rhZ3HuJwJSuMgu74DCdZohhd_9XMW0T7eT96d6_zmeh2P-Fd1Xaa2sE2JAVtUABR...
cdn4.telegram-cdn.org/file/ Frame ABE9 139 KB
139 KB 117ms
57ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/fgVd_lX5BQXZeC1kOlIfSUQyTgOCVwGqa5OhTksajvAeEpCm7bkxjKWtzfmRRJiCVrgEbzUdCwzxKlgJe97-yIRZ2vsWYeYoI2syVijs02wrIfw8UhxKm1lN9D5Ds5fiqu124rhZ3HuJwJSuMgu74DCdZohhd_9XMW0T7eT96d6_zmeh2P-Fd1Xaa2sE2JAVtUABRd3i3Vyi0OGgrTwdkqtd6gokNUI8Eu_SNethfZrqiElJpZ0vPiRQL98uO2XKial8ZoOdWBZBPzlv4YnhTkLxQJ0jlNf72Q0k-HgRUU6eBCqUx410GyXwUfNfApoCIZTQvArowYOkwObLMTjCkg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

8f134d02dbaaa69fde869549843924df75159df9a772686e86d6621235df5f61

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142102
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "f105f66d4250bb4dc1e574dc506c118227fa18ae"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H3 200 O8pLDyhpYl8Tano213WGvez62UedT-mnni2ZH37kojXgTKp8NT_xgJ_NgtTRJY_8f_VzNa9_gdm_t8qQuOYitRgZb_5C1bUMsWB1h7M7dl8pJJhsOBQap4IiA3gUfMouQ4YStDWNHylfgxZ96nL2h8MYipc38Ebcq2S5MPDyBzTnMAhbFEUNsyX11XCD7c3NEjvT0...
cdn4.telegram-cdn.org/file/ Frame ABE9 127 KB
127 KB 161ms
101ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/O8pLDyhpYl8Tano213WGvez62UedT-mnni2ZH37kojXgTKp8NT_xgJ_NgtTRJY_8f_VzNa9_gdm_t8qQuOYitRgZb_5C1bUMsWB1h7M7dl8pJJhsOBQap4IiA3gUfMouQ4YStDWNHylfgxZ96nL2h8MYipc38Ebcq2S5MPDyBzTnMAhbFEUNsyX11XCD7c3NEjvT0tomxs8b4r2hEAppdg20Be304QCNqE18J9YD9dEgQ2h0ia1ieOiMMsVrxo1yGE4lK-hF0jrnDdGFpw53tH_5dbD3wzRaPBhyZ7NI9ZF4A85WvNJv4oykSNLEWfOgSaUu73wcQVWXp8MYJHfRNA.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

270da210042927d64ae9d90ac346efb9251673a97dca3bce20cb86bac11fe8de

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130295
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "eb966f90854da668ec7d873dbcfebae49abbc00a"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H3 200 fS0EovK52KSd572rhhH6TEnx6Zi-VJwe2opnX5MS0lAN_sQL_TOrjVQUvQiRlHGO5Clyogt9eAiM5LfRRZv5pmIj6RFcJUaA4ONNFR9ID90TSg5zv1peNWRWASkG3q-4OGeEIXttYLsh2oSB9Y6If636g6VN0NJELGk3ltcxsZFSgzL-xn0npIJj9Qa2qdP7mDMLn...
cdn4.telegram-cdn.org/file/ Frame ABE9 117 KB
117 KB 114ms
55ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/fS0EovK52KSd572rhhH6TEnx6Zi-VJwe2opnX5MS0lAN_sQL_TOrjVQUvQiRlHGO5Clyogt9eAiM5LfRRZv5pmIj6RFcJUaA4ONNFR9ID90TSg5zv1peNWRWASkG3q-4OGeEIXttYLsh2oSB9Y6If636g6VN0NJELGk3ltcxsZFSgzL-xn0npIJj9Qa2qdP7mDMLn2U5eKNaGGXTY5Ngpbh_3pcnUrkTDrOqIrW1p4lge8K9oZG1smUfXMVDfdPM5vxFTDGOKwXoJRO1gtaRjvG3psjaQol0IGA52lzB0SgA_3ZC3_ICcQx-u5LRRwqCpL5lzWbwFCtKayBZe1TQiw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

fea9410090e77370f2d0d4d67902794536bada2b9db8bb8b5fa859c65d2c4e2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119403
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "b2c5e2ed09060f068c53e8e78bdc33b5372bfcea"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H3 200 Fo11wnhCwfije5UX8lJ011ar_1Nn51jOlGS1xVXyt9ME8zLQ76KZ22oqjSEmFY2VqHkM1_iEjKgzuzvvv077_QD6t7_Qjc_MKtpvDGbuGRFi-K5UX0NWQZNvfoUqu7jne1klyXKVq1aGTdHVScd9HPwrz4zZ1RKqvENsEcMmhoXUVESsF_8UV9vbUyaRMYAHP1Jm6...
cdn4.telegram-cdn.org/file/ Frame ABE9 70 KB
70 KB 150ms
91ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/Fo11wnhCwfije5UX8lJ011ar_1Nn51jOlGS1xVXyt9ME8zLQ76KZ22oqjSEmFY2VqHkM1_iEjKgzuzvvv077_QD6t7_Qjc_MKtpvDGbuGRFi-K5UX0NWQZNvfoUqu7jne1klyXKVq1aGTdHVScd9HPwrz4zZ1RKqvENsEcMmhoXUVESsF_8UV9vbUyaRMYAHP1Jm6YS4iE4PV0PY7RBMfv1lXhSTBloi1rD9ICHosS5Sums5vqtZxj0NofJe0M6ZTONdPTTFymtRT56ZoDOztSPDiiTswd0I8EGf6PefNYsMvvsuPYF8JTm4ve5sZzOMYZxudzTE6JqQ_sDp49p6jg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

2c9a2879929c9fdef7095f7a7e50abcce73f7479a9739e30be86f9cc5bb5de64

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71509
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "b9d3b03c9231bff915b4666eaf0f54c17253fbfd"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

GET
H2 200 F09F96A5.png
telegram.org/img/emoji/40/ Frame ABE9 1 KB
2 KB 44ms
44ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/emoji/40/F09F96A5.png
Requested by: Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 25acfe84806b66b7cd6fa3c4f94183e78a32025415c2bd01d3dfb16340ab2e47

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Fri, 01 Nov 2019 00:04:50 GMT
server: nginx/1.18.0
etag: "5dbb76a2-595"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 1429
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H2 200 F09F968C.png
telegram.org/img/emoji/40/ Frame ABE9 2 KB
2 KB 44ms
44ms Image
image/png 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/emoji/40/F09F968C.png
Requested by: Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: b87673d5f4085602ca52a2a9f1e923a436cfd682dce3050cf78fb11630e8f682

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
last-modified: Fri, 01 Nov 2019 00:04:50 GMT
server: nginx/1.18.0
etag: "5dbb76a2-82a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=345600
accept-ranges: bytes
content-length: 2090
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
H3 200 dF1XdyxNL-owJBsio9yw9v2LU_I8jjdTB5faiOnLAkYLrmxoGQNLU4PanUcvnjjb5t-5Q0BbhmPP9SvhqzGR9jRsrnlfBtiCY-pdY8Oqtiu9C_xQw_TDEtDjImVCHEbHvC4GombuUvUy5C1UeWWlgQwbrIWA06E8u2rBmgQxO1jCjjxT01hbHnxi1fwv1ZVW8yRpZ...
cdn4.telegram-cdn.org/file/ Frame ABE9 87 KB
87 KB 181ms
123ms Image
image/jpeg 34.111.35.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telegram-cdn.org/file/dF1XdyxNL-owJBsio9yw9v2LU_I8jjdTB5faiOnLAkYLrmxoGQNLU4PanUcvnjjb5t-5Q0BbhmPP9SvhqzGR9jRsrnlfBtiCY-pdY8Oqtiu9C_xQw_TDEtDjImVCHEbHvC4GombuUvUy5C1UeWWlgQwbrIWA06E8u2rBmgQxO1jCjjxT01hbHnxi1fwv1ZVW8yRpZquMnyZlGimBYzpJl5jmns45jInIxf126joXeQRyvRDn2GpMJD1nkObpYN8EcWeWb5LOzeFtEnmhxv_NmxWLfLkitHVDaukfsYICot8TLaAyrUzBjhgxRqDIKOAWsAXGf7fOhlmpsgdXo-EW5g.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/buhoblik_org_ua

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

152.35.111.34.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

e59d8c09b277f6914f2ff5b4f28a68e60f162530bb5eb6025763955f132fb93b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-security-policy: default-src 'none'; sandbox
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88601
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: "249c1ae250527f7a6a09d1f245d846d9b7992832"
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Length
cache-control: public,max-age=7200
accept-ranges: bytes, bytes

POST
H2 204 csi
csi.gstatic.com/ Frame C999 0
327 B 1300ms
473ms Ping
image/gif 2404:6800:4009:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~la7k3t36&c=1618942969247&slotId=809471484623.5&qqid=CJf11cC8nfsCFVAR4AodrZMKQA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fae9281d7676db9a8afd767185428220.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:828::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 01:51:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9073350859111287971/ Frame C999 2 KB
2 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9073350859111287971/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

595223fd35cecfd0b17cad4a6b877ea300d07073c16b222d49a244029a1cc1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 17:50:43 GMT
x-content-type-options: nosniff
age: 374459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2087
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 18:50:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Nov 2023 17:50:43 GMT

GET
DATA 200
OK truncated
/ Frame C999 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3125865950332828226/ Frame C999 171 KB
171 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3125865950332828226/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fca1273020811ccc5b793c2f116f4b9fafa29b6a70f76f749f6cbf342a9499c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 06:01:21 GMT
x-content-type-options: nosniff
age: 244221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 175000
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 20:26:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 06:01:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C999 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL5OmLbZpY9eqNdCigAetp6qABKrhiadtxOyTm6UQ57LZ_tI0EAEg5-TyFmC7hoCA0AqgAdmG5KsoyAEJqQKEJFtrvPmSPqgDAcgDywSqBPABT9Cv4VAedd_bjoxo4Ba_S0lhXoGXFoMDSVhc-8I82RRnCf8OfQXycBtV3pFnsQdaEdxJx0c_XvJMLPPneacRV8nUWmNw8jpcDkT0oLG2LnZuPxu4cII8ZkstjHTQo0vskzFaHiKcEv2wGraniVP5ype99cBgMKrBIoDaFukXF0Lvxy8479q_ONA1QsrIF7X15nPXU_MgglgR1k7hOgfpWLidVhb0xk1M_JYtO4T1dfKnWsvcNdag3uQ3gNgOTRDSvlhjLwxEbiWOSy7729jMFNSNLTpkfS_D2BcmEUeXC-W9zg9EYV_8-cyvLdbG6VJowASbpeiwpwSSBQQIBBgBkgUECAUYBKAGLoAH2b60iwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC9uQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgTnBvYEw6IFAHQFQGAFwGyFxwKGggAEhRwdWItNTYzMDk1Njc2NjIxNjQ2NRgA&sigh=xfyeGa9E8zQ&uach_m=[UACH]&cid=CAQSGwDq26N9WQSO_vev6ajVkyR82sO7XveOjlP6gRgBIA4&template_id=3484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1667872300&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301607&bpp=2&bdt=609&idt=170&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=8129897791964&frm=20&pv=1&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hAI8soT1Iy&p=https%3A//www.buhoblik.org.ua&dtd=174
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Nov 2022 01:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C3E5 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C38_dLbZpY_yuNbnhx_AP0MqGgAfkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi01NjMwOTU2NzY2MjE2NDY1yAEJqQLrePOLjFOzPqgDAaoE4QFP0EqZDed8dC4wDqws2wYr12cNlPF7YPAc_b18I0wd1M7f2cVmhbEUVmMUwzKDjW6tO0JdLkkR0mnbtm_N1WicCZRCjXK4J2LYcbOW9KKgkqwah5sNr_MARhyZ4TOpQY0TsHy4Hm2iHidvgQpjAOduAedLvJLWPQGrgLaiaVHm-xYd6oQdisqAlSGecDSywqsondo7q7eNHw6aTFjcd2x3nIZ3R19tVPcWgnU5QlaTcKdGbQXzdvDZLPqIrghm1-ujnWUm-8OJOL8PBWg4Yzj0qt0cubnDXEC-Y1safT3f_uKABvzQk5e78qOP2QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU2MzA5NTY3NjYyMTY0NjUYAA&sigh=Qr9QdkbShl4&uach_m=[UACH]&cid=CAQSGwDq26N90x_TPTZ25z4Pst-AWw5rqqcnO9Y2BRgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301591&bpp=3&bdt=593&idt=145&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=8129897791964&frm=20&pv=2&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Wj63mZzOVO&p=https%3A//www.buhoblik.org.ua&dtd=161

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301591&bpp=3&bdt=593&idt=145&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=8129897791964&frm=20&pv=2&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Wj63mZzOVO&p=https%3A//www.buhoblik.org.ua&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Nov 2022 01:51:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame C3E5 0
0 109ms
34ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=ku-4E7_6RNoFmAKH-lcYAgAAAL3dF7qT-P8r2nHJuhAttmlj2OzOE59CHDoEDz8AEgAA&wp=Y2m2LQANV3wIEfC5AAGlUDHjLTgzLHVBDAlHtA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301591&bpp=3&bdt=593&idt=145&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=8129897791964&frm=20&pv=2&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Wj63mZzOVO&p=https%3A//www.buhoblik.org.ua&dtd=161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 287767
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7670 136 KB
46 KB 104ms
103ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2m2LQANV3wIEfC5AAGlUDHjLTgzLHVBDAlHtA&u=%7CyUOaHcNGfayaoe8X%2ByPaPbjRbXncWP6H3EMq%2BIZg%2Fcw%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvD2CBj6s_a0QN-swH87d7H9Wb6OjsJXS8-Kw3RlaG__Tkd_Cighi7QozKK91jE5Vw29vgNMRUzYpnA_438AJ90Z2ZuCyXsgQY8NrQTK_L_CH4sru8HN5vwV-RyIGYhzRPP1J8sD4Zj5catYDCKJi2h8V_t08h7lMuOGtZ1tUW7dhBew0CF5iCvKt4d0qKKP20C9MJA8A9_rVX_1xEwZqrOxXgrXTM4iNtEYps9eF_-jTU5CyBm3IfMDSWNw93znS3j3B7B0r6QeytAuT2B6qVQoSGTAu4q1RqGggsYx6ifxOpK-UmcrhJO9OQ3pIDbvlyDC1A89N_aLJEWiAK4GoB0EfuBe3tnDmONvhL9IIER4fsM8Y38mXJU4avCpWASvSS-RVGjrXG0pZoaOaEzqKt4lj_UIxs9adx48y6O7164wIKKTqAO2OCFLgKvydjciFsf23FMnn6dqBnTqhbh8b5q8YhJrD8tzjtRZ4uZ-dNmRzUhpva6ectgKnke0FXjMA528nuk2kY2JCLZ-wYh0XA-lcR8ed2GFJrTkhcBKIAq-Mab1yDvxZoA-KK6Q6mEdspZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9PILbZpY_yuNbnhx_AP0MqGgAfkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi01NjMwOTU2NzY2MjE2NDY1yAEJqQLrePOLjFOzPqgDAaoE5AFP0EqZDed8dC4wDqws2wYr12cNlPF7YPAc_b18I0wd1M7f2cVmhbEUVmMUwzKDjW6tO0JdLkkR0mnbtm_N1WicCZRCjXK4J2LYcbOW9KKgkqwah5sNr_MARhyZ4TOpQY0TsHy4Hm2iHidvgQpjAOduAedLvJLWPQGrgLaiaVHm-xYd6oQdisqAlSGecDSywqsondo7q7eNHw6aTFjcd2x3nIZ3R19tVPcWgnU5QlaTcKdGbQXzdvDZLPqI7ApHRTgBb2C1CcwRu9uTrmssaYT-hMXHNyKnwOEBfXcCrLo1-3FD6ICABvzQk5e78qOP2QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1V4jFmiXzBNjVooaTxZGbbFGrNrw%26client%3Dca-pub-5630956766216465%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301591&bpp=3&bdt=593&idt=145&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=8129897791964&frm=20&pv=2&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Wj63mZzOVO&p=https%3A//www.buhoblik.org.ua&dtd=161

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2305cb6ef037811f37af31f43d2d010b6ad5bceb247e5c74000caf276251b37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 01:51:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=wR74vhxB7Gu3UAaBiQYQbbs2f8XOE8KuM_5lSuedt81yLOIezveZX_aT4p1czGbmXggXP-jVwKxCWRAmCOos_wSg13g_A3Nlh9rpdmPSz9Fgmh2KAU3p4GDGMF048AQJ3IsyZCbNkXmUev5MKPxdLx0G3F_eRuxuyn4WkksC1EYpxJH-3r_MrwkgbbVeLJZ3kX91yw7KilCYSfjp6LiJcPSU-Cv0zHWeLYa1HemFo74euWKTXGx-kT-sFJRGF3fB2Boau-5C78zpjDcM"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 66509070
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 pattern.svg
telegram.org/img/tgme/ Frame ABE9 225 KB
81 KB 46ms
45ms Image
image/svg+xml 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telegram.org/img/tgme/pattern.svg
Requested by: Host: telegram.org
URL: https://telegram.org/css/telegram-web.css?35
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: daa086b24cbd2610eb3261446100ff513a4526c5b2bce41e758629f5cd8a6a20

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://telegram.org/css/telegram-web.css?35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 09:45:08 GMT
server: nginx/1.18.0
etag: W/"62208e24-385d7"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=345600
expires: Sat, 12 Nov 2022 01:51:42 GMT

GET
DATA 200
OK truncated
/ Frame C999 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8d39d296e45d415d0d5ac47436cb13c599b6fb6628a3aedea22495b2f36b66a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A3FD 12 KB
5 KB 121ms
57ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 462703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MwdO5F9xiNQNKXWIgsFJwu5n9qXwRC2%2FeofccYjNsW08H0vlhXSRd7yAIAu74JA6Td%2F7GDhAl5vLbn48M%2FgTyADj4JdEbYolQHuNUhKNavNJP9bnhgLgexglsgQWpwcFBgLRG1u2HYCVU3j9I%2B18evR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 766aaa447de7e634-LHR
expires: Sun, 29 Oct 2023 01:51:42 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A3FD 12 KB
6 KB 35ms
35ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A3FD 8 KB
8 KB 126ms
35ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2187&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2187%2F221003%2F1a3bc6d02866446d90485453e51b1427_logo_n_horizontal_2.png&v=3&w=196&s=VS3LRgta5uzzZJ9HSHeKWDmI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

462d3ff9a98ba9bb2084eb4fe7d829f45143cd721b16eaafb7682c2104f170d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29923423
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8007
expires: Fri, 20 Oct 2023 09:55:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A3FD 15 KB
15 KB 157ms
67ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2187&q=80&r=0&u=https%3A%2F%2Fimages.watchfinder.co.uk%2Fimgv2%2Fstock%2F214107%2FRolex-Day-Date40-228348RBR-214107-2-220222-111128.jpg&v=3&w=800&s=lA3jy_SB4-lHzm4eSje2DOFz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cbc95dce273933711c5e171acd5ec4c04fd56b5414acd8950150a2edb88c1ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15272
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A3FD 16 KB
16 KB 159ms
69ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2187&q=80&r=0&u=https%3A%2F%2Fimages.watchfinder.co.uk%2Fimgv2%2Fstock%2F223426%2FOmega-SpeedmasterMoonwatch-3578.51.00-223426-1-220711-122207.jpg&v=3&w=800&s=uavl42fdmSmzPiMtAsotZsvQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

75af46f9855535d00cbfdc0c1b1dc6539373586bf154a9aae5e0855fe52e3a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16572
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A3FD 21 KB
22 KB 199ms
109ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2187&q=80&r=0&u=https%3A%2F%2Fimages.watchfinder.co.uk%2Fimgv2%2Fcatalogue%2F9361%2FBreitling-SuperOceanHeritage-A13320-9361-181207-171020-.jpg&v=3&w=800&s=Z8nDDXjYNW8x4DHjDWvGkmHz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

21f2b3323a6d64ee66a495447fed2c707f1f1ea81c611abe5105ea97f00a2146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21998
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A3FD 10 KB
11 KB 172ms
82ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2187&q=80&r=0&u=https%3A%2F%2Fimages.watchfinder.co.uk%2Fimgv2%2Fstock%2F219768%2FIWC-PortugieserJubilee-IW544102-219768-3-221013-142032.jpg&v=3&w=800&s=hbtfowKiBE7V4llcYaTIpZKk&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

7a7c10739ca59c5cd9679fdf04b0a823652d4c4c165936c36e6bd18017c86b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10744
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A3FD 15 KB
15 KB 195ms
105ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2187&q=80&r=0&u=https%3A%2F%2Fimages.watchfinder.co.uk%2Fimgv2%2Fstock%2F230393%2FTagHeuer-Carrera-CV201AG.BA0725-230393-2-220928-134414.jpg&v=3&w=800&s=P6tI7SO52tv_q_XnVXEvBRJS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f4a16b2ec7d65f705a32ec6ddc629905a9bfee91159d269da19805a8765b84e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14876
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A3FD 15 KB
16 KB 123ms
123ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2187&q=80&r=0&u=https%3A%2F%2Fimages.watchfinder.co.uk%2Fimgv2%2Fstock%2F225637%2FZenith-Defy-95.9005.900401.M9000-225637-1-220815-094909.jpg&v=3&w=800&s=02P_-zxrrV3QM9PF1iSvFtxj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c7e8136357ce5a071686ad38223365029e4cf77be820cd7793f2b16e08052abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15772
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A3FD 13 KB
14 KB 131ms
131ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2187&q=80&r=0&u=https%3A%2F%2Fimages.watchfinder.co.uk%2Fimgv2%2Fstock%2F229806%2FRolex-Submariner-16613-229806-1-220916-112544.jpg&v=3&w=800&s=4XKejFtaSS6fmaVa7bb3IGV1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4908896cedd11c06d17125dbe0c341712807d6334dcba791d83d6f3957721d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13812
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A3FD 11 KB
11 KB 135ms
134ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2187&q=80&r=0&u=https%3A%2F%2Fimages.watchfinder.co.uk%2Fimgv2%2Fstock%2F226703%2FRolex-Datejust41-126300-226703-2-220929-091108.jpg&v=3&w=800&s=LHQ9mX7K9a9gdMmWmvri9TiP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c9e5b3217bf2a506c0beef0610f9a3e540bf834d12791ae984f06612bcaa2b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11010
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A3FD 12 KB
12 KB 139ms
139ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2187&q=80&r=0&u=https%3A%2F%2Fimages.watchfinder.co.uk%2Fimgv2%2Fstock%2F232625%2FRolex-Datejust41-126300-232625-2-221017-152958.jpg&v=3&w=800&s=87MCu157ZFn8G7_L3ohhbo0E&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3f0e8e48d69bb2ab751a1fb2cc10c2045678763307f82e8f54990aca4aca4f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12490
expires: Fri, 03 Nov 2023 01:51:42 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A3FD 0
128 B 250ms
35ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=o_5AZhxB7Gu3UAaBiz37hHo3mqiTj9bJydLxN8Ugh2EAewCXw2ozuakjY5WRFhQx1AQv0FbcUBFak0pzhSi8-IOBK2JJmTdLuExZ2lsBE1JgaesakvaCNKGwS8ryZIXNaitRJ6Fr0PAmo7XrokH2eutHGNMjm6g7hEpOS5QQ1-X2rd0YYLK_IT806Z6jznXKpqqz3Fe6rsdWMkJdXH_tgN84FwJRl7Xy_7qfrZtngAg2tBXw25xw3ogANJHOvjNn8HKg_A&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A3FD 2 KB
1 KB 35ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A3FD 2 KB
1 KB 40ms
39ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H3

206

videoplayback
r3---sn-aigl6nzl.gvt1.com/ Frame C999
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=9e5d8bd04b972568&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1667879502&sparams=ip,ipbits,expire,id,...
https://r3---sn-aigl6nzl.gvt1.com/videoplayback?id=9e5d8bd04b972568&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1667879502&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

711 KB
711 KB

274ms
184ms

Media
video/mp4

2a00:1450:4009:f::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-aigl6nzl.gvt1.com/videoplayback?id=9e5d8bd04b972568&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1667879502&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=76F7A0F5A392B3E03D477D03FA47CDE7A2144FD9.30A7322A70C2C8654E559963151CA84C6CE41991&key=cms1&cms_redirect=yes&mh=7j&mip=2001:ac8:21:e::3&mm=28&mn=sn-aigl6nzl&ms=nvh&mt=1667872103&mv=m&mvi=3&pl=48

Requested by

Protocol

Server

2a00:1450:4009:f::8 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5883b0172a34ad111128a49accdb497837041f1007b3770d4c35b83db58f0007

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 08 Nov 2022 01:51:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Oct 2022 13:36:29 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-728540/728541
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 728541
expires: Tue, 08 Nov 2022 01:51:43 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Nov 2022 01:51:42 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-aigl6nzl.gvt1.com/videoplayback?id=9e5d8bd04b972568&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1667879502&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=76F7A0F5A392B3E03D477D03FA47CDE7A2144FD9.30A7322A70C2C8654E559963151CA84C6CE41991&key=cms1&cms_redirect=yes&mh=7j&mip=2001:ac8:21:e::3&mm=28&mn=sn-aigl6nzl&ms=nvh&mt=1667872103&mv=m&mvi=3&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 703
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
xn--r1a.website/v/ Frame ABE9 4 B
349 B 181ms
181ms XHR
application/json 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--r1a.website/v/

Requested by

Host: telegram.org
URL: https://telegram.org/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Accept: */*
Referer: https://xn--r1a.website/s/buhoblik_org_ua
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 08 Nov 2022 01:51:42 GMT
Strict-Transport-Security: max-age=35768000
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: no-store
Connection: keep-alive

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7670 2 KB
1 KB 35ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y2m2LQANV3wIEfC5AAGlUDHjLTgzLHVBDAlHtA&u=%7CyUOaHcNGfayaoe8X%2ByPaPbjRbXncWP6H3EMq%2BIZg%2Fcw%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvD2CBj6s_a0QN-swH87d7H9Wb6OjsJXS8-Kw3RlaG__Tkd_Cighi7QozKK91jE5Vw29vgNMRUzYpnA_438AJ90Z2ZuCyXsgQY8NrQTK_L_CH4sru8HN5vwV-RyIGYhzRPP1J8sD4Zj5catYDCKJi2h8V_t08h7lMuOGtZ1tUW7dhBew0CF5iCvKt4d0qKKP20C9MJA8A9_rVX_1xEwZqrOxXgrXTM4iNtEYps9eF_-jTU5CyBm3IfMDSWNw93znS3j3B7B0r6QeytAuT2B6qVQoSGTAu4q1RqGggsYx6ifxOpK-UmcrhJO9OQ3pIDbvlyDC1A89N_aLJEWiAK4GoB0EfuBe3tnDmONvhL9IIER4fsM8Y38mXJU4avCpWASvSS-RVGjrXG0pZoaOaEzqKt4lj_UIxs9adx48y6O7164wIKKTqAO2OCFLgKvydjciFsf23FMnn6dqBnTqhbh8b5q8YhJrD8tzjtRZ4uZ-dNmRzUhpva6ectgKnke0FXjMA528nuk2kY2JCLZ-wYh0XA-lcR8ed2GFJrTkhcBKIAq-Mab1yDvxZoA-KK6Q6mEdspZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9PILbZpY_yuNbnhx_AP0MqGgAfkj9KxXI-K6IiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi01NjMwOTU2NzY2MjE2NDY1yAEJqQLrePOLjFOzPqgDAaoE5AFP0EqZDed8dC4wDqws2wYr12cNlPF7YPAc_b18I0wd1M7f2cVmhbEUVmMUwzKDjW6tO0JdLkkR0mnbtm_N1WicCZRCjXK4J2LYcbOW9KKgkqwah5sNr_MARhyZ4TOpQY0TsHy4Hm2iHidvgQpjAOduAedLvJLWPQGrgLaiaVHm-xYd6oQdisqAlSGecDSywqsondo7q7eNHw6aTFjcd2x3nIZ3R19tVPcWgnU5QlaTcKdGbQXzdvDZLPqI7ApHRTgBb2C1CcwRu9uTrmssaYT-hMXHNyKnwOEBfXcCrLo1-3FD6ICABvzQk5e78qOP2QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1V4jFmiXzBNjVooaTxZGbbFGrNrw%26client%3Dca-pub-5630956766216465%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 7670 2 KB
1 KB 35ms
35ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7670 308 B
636 B 37ms
36ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7670 293 B
621 B 36ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 7670 43 B
347 B 40ms
38ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=oiQK-nKclKmbhApXt50YrmRpUgo9qSVGf3gW4m22c8iqWq53hCQmR5fc5wz9qUc3twPhu9Oz4gg9yayGgnWFtQtViLAOP5cU8JvEeUP3nId06fXe1zvrlo9z73jXspTsiRHb2g7Ru1r3NnnS1DnH7iuny7nK8uBeRndCuPU2U0UeMmK2RyQGTA2sU_a_Vci8dQGHp_r8xV5QVp2Y4v3IdhWqfha1ukW0KVtKM_hKVloMW5lIvqd4Ki9txgPJIiyDHkF7Fzx4OfiAgA9JGHGYfb2WGPzfmVmhOI9Qe01Xe_hjk-iDHz8ukvsVB7MU1GH0wpufjfi9QKF0_4D6YkrOOk6pyGJ0-oOVNgU9Z_Rpw0K2rSbyDwNGwmRCy4PcTqlQsp53qlhgKG5S-IwwNZxhfHWF3wjtJNlaz64BPBA070uTPb-voItWRWmlbubjyXB8vMu0Vg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 01:51:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3090695
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame C999 28 KB
28 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 360961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 21:35:41 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7670 12 KB
6 KB 39ms
39ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7670 15 KB
15 KB 90ms
89ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=50020&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F50020%2F220822%2F9e364a10065b4be3b87ef0bbb59c9ef8_white_ah_stacked-4x.png&v=3&w=196&s=2fVpCmokwToQZ60Ijj6GDAxj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6f37fc20a417538f0843b1481c591c9c989f3fee4acc27e0c3b4fa584f6466b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29743818
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15336
expires: Wed, 18 Oct 2023 08:02:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7670 67 KB
67 KB 96ms
95ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=50020&q=80&r=2&u=https%3A%2F%2Fwww.neilson.co.uk%2Fsites%2Fdefault%2Ffiles%2F2021-11%2FLa%2520Pared_0.jpg&v=3&w=400&s=pEZfHzwHYLtXxIPcarx110Bc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a65a796fd1b5d4d3175a82903123ff731f6cf04591a6b5480dce7633558c00ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=15401532
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 68562
expires: Fri, 05 May 2023 08:03:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7670 22 KB
23 KB 109ms
109ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=50020&q=80&r=2&u=https%3A%2F%2Fwww.neilson.co.uk%2Fsites%2Fdefault%2Ffiles%2F2022-07%2FFlotilla_0.jpg&v=3&w=400&s=5uHfRfnkecDWiXFVc0Wld5ap&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0af2a1768d0349b8994e488c6f090a5654370a058f31a850273770b1bf2a1a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=14189960
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22978
expires: Fri, 21 Apr 2023 07:31:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7670 68 KB
68 KB 100ms
100ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=50020&q=80&r=2&u=https%3A%2F%2Fwww.neilson.co.uk%2Fsites%2Fdefault%2Ffiles%2F2019-08%2Fa9c8e28d4f70d6e2de6cb075d0a289ad_0.jpg&v=3&w=400&s=HUMC2iYS-mwKrBTFDXxIvX7b&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d575cc2b146b9b03b5d0433b082f6b3e669a004e9c2a7eff46d37e2595f6a5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=14624152
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 69780
expires: Wed, 26 Apr 2023 08:07:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7670 193 KB
194 KB 116ms
115ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=50020&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F50020%2F220822%2F48a9f8757a4a45b389a9520a52610767_1200x1200.png&v=3&w=1200&s=N2h5DXzTNuweJkF8XJ99Qb-S

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f2e4662b3193fc87a622c272737100f9461439f34762095f1f828729c97c3410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29767950
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 197852
expires: Wed, 18 Oct 2023 14:44:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7670 0
127 B 101ms
35ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=wR74vhxB7Gu3UAaBiQYQbbs2f8XOE8KuM_5lSuedt81yLOIezveZX_aT4p1czGbmXggXP-jVwKxCWRAmCOos_wSg13g_A3Nlh9rpdmPSz9Fgmh2KAU3p4GDGMF048AQJ3IsyZCbNkXmUev5MKPxdLx0G3F_eRuxuyn4WkksC1EYpxJH-3r_MrwkgbbVeLJZ3kX91yw7KilCYSfjp6LiJcPSU-Cv0zHWeLYa1HemFo74euWKTXGx-kT-sFJRGF3fB2Boau-5C78zpjDcM&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7670 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7670 2 KB
1 KB 35ms
35ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Nov 2023 01:51:42 GMT

GET
DATA 200
OK truncated
/ Frame C3E5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e372707dc9c57e07626cf0b24366ea118f216fc4e64c29a2230c5c9f8e7507a7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 4 KB
2 KB 240ms
150ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=6251848352882661&cpv=0af1b344-2a15-1501-42fa-34c4cc431749&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%223c5cc1a1-259c-1bba-af95-836cbece0069%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.buhoblik.org.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22392da250-b962-107d-2a4e-615408803b37%22%2C%22tagid%22%3A%22dab6be62-b1e7-4d05-a12c-0a70b3291504%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_dab6be62b1e74d05a12c0a70b3291504_zone_1393_sect_956_site_943%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

5cf9a44155f80248435c8e14321de97b9ba279c97627cc2fd09a5f2730805077

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Nov 2022 01:51:43 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 1635
X-Xss-Protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame A3FD 4 KB
604 B 135ms
52ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

622697f8910d9876a2e24a274c1ff18c071717d1f2f498626f76233196d83294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Nov 2022 01:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 01:51:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Nov 2022 01:51:43 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ Frame A3FD 37 KB
37 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:54:37 GMT
x-content-type-options: nosniff
age: 32226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 16:54:37 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 121 KB
40 KB 38ms
37ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-1e444"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 09 Nov 2022 01:51:43 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 119ms
37ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.buhoblik.org.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.buhoblik.org.ua
date: Tue, 08 Nov 2022 01:51:43 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 236ms
58ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=b6fcf27f620c46938391e960e53addb4
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 08 Nov 2022 01:51:43 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkQ3MTNFMDktRjI5QS00MTVCLUE4QjgtOTYxRUUyRTAyN0VE&gdpr=0&gdpr_consent={consent}
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent}
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}
https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D2D713E09-F29A-415B-A8B8-961EE...
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=2D713E09-F29A-415B-A8B8-961EE2E027ED

43 B
463 B

41ms
41ms

Image
image/gif

146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=2D713E09-F29A-415B-A8B8-961EE2E027ED

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Nov 2022 01:51:44 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=2D713E09-F29A-415B-A8B8-961EE2E027ED
date: Tue, 08 Nov 2022 01:51:42 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=b6fcf27f620c46938391e960e53addb4&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=b6fcf27f620c46938391e960e53addb4&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=f6d49e2e-2f4e-42fb-99c9-ce895f312d6b&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=93ba96f9-79a3-49a9-8f27-a548f9d07f88&gdpr=&consent=&gdpr_pd=

43 B
463 B

42ms
42ms

Image
image/gif

146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=93ba96f9-79a3-49a9-8f27-a548f9d07f88&gdpr=&consent=&gdpr_pd=

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Nov 2022 01:51:43 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Location: //inv-nets.admixer.net/bs/cm.aspx?id=93ba96f9-79a3-49a9-8f27-a548f9d07f88&gdpr=&consent=&gdpr_pd=
Date: Tue, 08 Nov 2022 01:51:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=533&code=b6fcf27f620c46938391e960e53addb4
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Db6fcf27f620c46938391e960e53addb4

43 B
964 B

35ms
35ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Db6fcf27f620c46938391e960e53addb4

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Nov 2022 01:51:43 GMT
AN-X-Request-Uuid: 23b16f98-26c2-4daf-938c-ffe7c1cf49c6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Nov 2022 01:51:43 GMT
AN-X-Request-Uuid: fbbc9397-a9c6-4e0f-b8b9-7abe5343b265
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Db6fcf27f620c46938391e960e53addb4
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

37ms
36ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 08 Nov 2022 01:51:43 GMT, Tue, 08 Nov 2022 01:51:43 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Tue, 08 Nov 2022 01:51:43 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F4A 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 12:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 12:25:38 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 227 B
473 B 116ms
40ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=52992734173

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f6454fe4c4deafd5a06d0ade264f0f9ba4bfa5db28cfd60d7fb17338d3b1cc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.buhoblik.org.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.buhoblik.org.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 199

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 40ms
40ms Image
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=b6fcf27f620c46938391e960e53addb4&zone=DAB6BE62-B1E7-4D05-A12C-0A70B3291504&device=28&rule=A115463E-E95D-4D45-91E3-2BE636EF4375&requestId=a06f9f8d-c9ce-4153-9714-76ba0c6232a7&hp=-967666016&page=www.buhoblik.org.ua%2F&segments=2%2C5%2C495&ts=638034691030298191&ap=MA%3D%3D&asign=1785363807&sync=3%2C88&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=1A4D80BD-B81F-427C-A6F6-12DD363AA495&inst=ADS-EU-6&pxl=0&pvid=871e6fda-33f7-4587-978b-eb94e31e3c9d&ip=217.138.196.107&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 08 Nov 2022 01:51:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/49044/ 28 KB
11 KB 127ms
127ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Tue, 08 Nov 2022 01:51:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:35:01 GMT
server: nginx
etag: W/"63049f45-702f"
vary: Accept-Encoding
x-cached-since: 2022-09-21T13:54:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Fri, 22 Sep 2023 13:54:26 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/49044/ 42 KB
18 KB 119ms
119ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Tue, 08 Nov 2022 01:51:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:35:02 GMT
server: nginx
etag: W/"63049f46-a793"
vary: Accept-Encoding
x-cached-since: 2022-09-30T16:54:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sun, 01 Oct 2023 16:54:26 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/49044/ 13 KB
5 KB 108ms
108ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Tue, 08 Nov 2022 01:51:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:54 GMT
server: nginx
etag: W/"63049f3e-326c"
vary: Accept-Encoding
x-cached-since: 2022-09-30T17:04:32+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sun, 01 Oct 2023 17:04:32 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/49044/ 11 KB
4 KB 105ms
105ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Tue, 08 Nov 2022 01:51:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:52 GMT
server: nginx
etag: W/"63049f3c-2a79"
vary: Accept-Encoding
x-cached-since: 2022-10-25T14:27:35+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 26 Oct 2023 14:27:35 GMT

GET
H2 200 5927ef40e4a80e0040be.b.js Show response
cdn.admixer.net/scripts3/49044/ 215 KB
74 KB 138ms
138ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/49044/5927ef40e4a80e0040be.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Tue, 08 Nov 2022 01:51:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 09:34:51 GMT
server: nginx
etag: W/"63049f3b-35ac7"
vary: Accept-Encoding
x-cached-since: 2022-09-30T16:54:18+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sun, 01 Oct 2023 16:54:18 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
220 B 34ms
34ms Ping
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.buhoblik.org.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 08 Nov 2022 01:51:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.buhoblik.org.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 40ms
40ms Image
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=b6fcf27f620c46938391e960e53addb4&zone=DAB6BE62-B1E7-4D05-A12C-0A70B3291504&device=28&rule=A115463E-E95D-4D45-91E3-2BE636EF4375&requestId=a06f9f8d-c9ce-4153-9714-76ba0c6232a7&hp=-967666016&page=www.buhoblik.org.ua%2F&segments=495%2C2%2C5&ts=638034691030298191&ap=MA%3D%3D&asign=1785363807&sync=3%2C88&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=1A4D80BD-B81F-427C-A6F6-12DD363AA495&inst=ADS-EU-6&pxl=0&pvid=871e6fda-33f7-4587-978b-eb94e31e3c9d&ip=217.138.196.107&item=B980198E-7D27-4345-9615-F31943C77F0C&crid=B980198E-7D27-4345-9615-F31943C77F0C&size=240x400&profile=346392F6-218B-4A4F-8151-E8B46F15EB2A&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 08 Nov 2022 01:51:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C3E5 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssihchJkCLmpBtKS6Ebm9SbK9lw8Ar2bxCQdIJl_4b-ubu6PGs9rSn7LUQdxSDu-wjlaFOMjCs-O85fbpuKZY6RijRH&sig=Cg0ArKJSzLjszKuASJWIEAE&id=lidar2&mcvt=1000&p=0,0,280,730&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221107&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3078983205&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667872301754&rpt=1152&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 01:51:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7670 0
127 B 35ms
35ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Nov 2022 01:51:43 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 56ms
56ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f4c7496f538a15a82e6e6921576026625763a847bc65d6f3cd53be3f4a601ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11155
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 78CB 15 KB
6 KB 128ms
38ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.buhoblik.org.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 01:51:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 895087
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 01:51:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 823B 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 10864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 22:50:40 GMT
expires: Tue, 07 Nov 2023 22:50:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2457 783 B
1 KB 140ms
50ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

06c785a6f113a987f4b7de42c4bfa39ee37adfe5d66f9c46cb90cc07d6733aa9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4soeWbnvyu-DzCp3A90Xwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buhoblik.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-4soeWbnvyu-DzCp3A90Xwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 01:51:44 GMT
expires: Tue, 08 Nov 2022 01:51:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame 78CB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=buhoblik.org.ua&sn=ChromeSyncframe&so=0&topUrl=www.buhoblik.org.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=jP0fp3xqMnBjMVRBQjl4ZlJBM2c3bERySW42OGZuZkljbmsxNHRTZFR1VE5zWE5ZeVpGU0RKbDh2amVkcmJlRWhza1R2R0JRWE4rWTBWazhyejFvams1bWE0SFFqS1JjWXVkZHhyNnpkWEZTRGhkbFg3YVJYczltekZ6ND...

430 B
655 B

300ms
38ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jP0fp3xqMnBjMVRBQjl4ZlJBM2c3bERySW42OGZuZkljbmsxNHRTZFR1VE5zWE5ZeVpGU0RKbDh2amVkcmJlRWhza1R2R0JRWE4rWTBWazhyejFvams1bWE0SFFqS1JjWXVkZHhyNnpkWEZTRGhkbFg3YVJYczltekZ6NDRNOGppUmtzYzh1UnMrQWlJYUU5bm8yaTExZTZsR2tOT3lzM2pSWEVUMU9mWS9TNW5XSWxhczBaQXBGUGhFZFZpNDh1RzdaaE53UTFRaU9JbnlQWWJyRW9TbXhrS1Ard0o5cm9pQ2NLNW1pMFNoTnFUZDk5N3ZUZk9vOGhMT0QvNFlRRW5CMlhsTkhDRlNXQ2ticGNtaTA3ODNuMUxsZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5cd8b1a9770f6d01cc5246e6573f772240544766dc7614cc98c50f401107c594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 01:51:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2277552
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 08 Nov 2022 01:51:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=jP0fp3xqMnBjMVRBQjl4ZlJBM2c3bERySW42OGZuZkljbmsxNHRTZFR1VE5zWE5ZeVpGU0RKbDh2amVkcmJlRWhza1R2R0JRWE4rWTBWazhyejFvams1bWE0SFFqS1JjWXVkZHhyNnpkWEZTRGhkbFg3YVJYczltekZ6NDRNOGppUmtzYzh1UnMrQWlJYUU5bm8yaTExZTZsR2tOT3lzM2pSWEVUMU9mWS9TNW5XSWxhczBaQXBGUGhFZFZpNDh1RzdaaE53UTFRaU9JbnlQWWJyRW9TbXhrS1Ard0o5cm9pQ2NLNW1pMFNoTnFUZDk5N3ZUZk9vOGhMT0QvNFlRRW5CMlhsTkhDRlNXQ2ticGNtaTA3ODNuMUxsZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 581069
content-length: 0
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame C999 0
54 B 774ms
473ms Ping
image/gif 2404:6800:4009:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~la7k3t3f&c=1618942969247&slotId=809471484623.5&qqid=CJf11cC8nfsCFVAR4AodrZMKQA&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fae9281d7676db9a8afd767185428220.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:828::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Nov 2022 01:51:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js Show response
pagead2.googlesyndication.com/bg/ Frame 823B 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 12:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 12:25:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2457 0
0 75ms
75ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=1603603407640633&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 823B 0
10 B 41ms
40ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nM1wtQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 01:51:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 41ms
40ms Image
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=dab6be62-b1e7-4d05-a12c-0a70b3291504

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 08 Nov 2022 01:51:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame A3FD 0
127 B 35ms
35ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 08 Nov 2022 01:51:44 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
78ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=1603603407640633&bg=!-_il-LzNAAZPh4lnb4c7ACkAdvg8Wv5HlRB8c2JdUYNkVCF9XjK4P7z_zKpFmHOBUdky3T9Vwn2WowIAAABVUgAAAAJoAQeZAqxfjoqQg8WDKhDyLZ0MWqpQdreMlM3VpnAIrvTzPNRiA9NcY6Ts58HaMvigymnGRJueDk9vslqx_9TGYOrIoMrFydQolww0PyKsBsJIDpJcx3clVqVOl2S4YG7Xa9qjS4kDiHVk6xh3MRN8TNtyezpv1noAeU0ViT7U9PHIu3HNIQj1RuYWimQ-FFKUqEFLiJeaSfMJux6fY-BbMaYE5_PE3e9CV2UwS4S58nKFFTnuIcXu0gW6H3YjD0Xmf7e1cPlVNasnzMcV7FRlK3SoETDTIoC_Kw02PCRaRTVMJxUk6KshbX5TV7UQKIoM3NwZK1oqoK0HPXwJf8eTm4TE0vj9A0ZYtr9ubtXz6f4IUq1aOijnK5cTaMyFwGlLHry_7lfo0ziP_fxFPvOsvk9ulMecFim3h3kFAsrV6jwzJtgpsc84lCtXwVDV98Mm3hdTNWj0A_9wSpsY8J4xNoVmmjw6N4DJ9OzBAHQcCrBVCgrk6nd3aVKZXtzdMhYSCn5ugwNvxtlT8hbhEo1P0N1dvP5PnzkF5O9557JQR8api_BlxxHzpGY-5qu-Z-cwWt1E8j1XnFMevvuIuUoga9B9gHbNlEil0ZwGAcRIpVES4A08yCiLI1axToXOcsi1ZOcPxUVOCOe0_LGUeN5o4Yhy0UJgcAe3jsiOgJZUMJJbE81MLjscyyzL-KqERZ8dsEa4aJUMuOl6VmckLfMNY0C8whTPmuffZyfb9qt1mu333ujpWnBGSkPfpvxWbQDNTjVnj6-ctagB5JKW1EP3QlycfeQOWZwmFKch8jHQFmrkNn-87thfBoGzW_98M_p8rVefHXriTx9rIskQrung3s4SWZ9266IMkuxKugDUCld-0y8-b8kK5JmRLQqAoQW1bfUJr51jrPyLtfURUXhN9k0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.buhoblik.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/bs	1970-01-20 09:27:28	Name: am-uid Value: b6fcf27f620c46938391e960e53addb4
www.buhoblik.org.ua/	1969-12-31 23:59:59	Name: 54328dacc8285ec61fa19f90fac03db6 Value: 82cd040a799a28e136d541b02acf7f2f
.buhoblik.org.ua/	1970-01-20 16:53:52	Name: __utma Value: 21695912.541101146.1667872302.1667872302.1667872302.1
.buhoblik.org.ua/	1969-12-31 23:59:59	Name: __utmc Value: 21695912
.buhoblik.org.ua/	1970-01-20 11:40:40	Name: __utmz Value: 21695912.1667872302.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.buhoblik.org.ua/	1970-01-20 07:17:52	Name: __utmt Value: 1
.buhoblik.org.ua/	1970-01-20 07:17:54	Name: __utmb Value: 21695912.1.10.1667872302
.buhoblik.org.ua/	1970-01-20 16:39:28	Name: __gads Value: ID=10c7f09ed7acca5a-22ed71ed6bce0029:T=1667872301:RT=1667872301:S=ALNI_MbPQY_SReFJATgwJLjEVZXqYVbVYA
.buhoblik.org.ua/	1970-01-20 16:39:28	Name: __gpi Value: UID=0000089dbacb379d:T=1667872301:RT=1667872301:S=ALNI_MZAKKVYuUMFCHkePE04FoaqWdLKIQ
xn--r1a.website/	1970-01-20 07:19:18	Name: stel_ssid Value: 90300be4c98b52a51d_10597758451492886396
.doubleclick.net/	1970-01-20 16:39:28	Name: IDE Value: AHWqTUktbg3xMepBCm9aR9Bwnnm-lpo3wetI239JSHitLgVXiVV2eE4PGt9RUBKG1WQ
.doubleclick.net/	1970-01-20 07:17:53	Name: test_cookie Value: CheckForPermission
www.buhoblik.org.ua/	1969-12-31 23:59:59	Name: Value: store.test
.admixer.net/	1970-01-20 09:27:28	Name: am-uid Value: b6fcf27f620c46938391e960e53addb4
www.buhoblik.org.ua/	1970-01-20 07:27:57	Name: am-uid Value: b6fcf27f620c46938391e960e53addb4
.adnxs.com/	1970-01-20 09:27:28	Name: uuid2 Value: 3460815399323103382
.creativecdn.com/	1970-01-20 16:03:28	Name: u Value: MAHCIQORBqhhDtWznqeK
.creativecdn.com/	1970-01-20 16:03:28	Name: ts Value: 1667872303
.bidswitch.net/	1970-01-20 16:03:28	Name: tuuid Value: 93ba96f9-79a3-49a9-8f27-a548f9d07f88
.bidswitch.net/	1970-01-20 16:03:28	Name: c Value: 1667872303
.bidswitch.net/	1970-01-20 16:03:28	Name: tuuid_lu Value: 1667872303
.pubmatic.com/	1970-01-20 07:19:18	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 09:27:28	Name: SyncRTB3 Value: 1669075200%3A220
.pubmatic.com/	1970-01-20 09:27:28	Name: KADUSERCOOKIE Value: 2D713E09-F29A-415B-A8B8-961EE2E027ED
.scoota.co/	1970-01-20 16:53:52	Name: tuuid Value: f6d49e2e-2f4e-42fb-99c9-ce895f312d6b
.scoota.co/	1970-01-20 16:53:52	Name: c Value: 1667872303
.scoota.co/	1970-01-20 16:53:52	Name: tuuid_lu Value: 1667872303
.pubmatic.com/	1970-01-20 07:19:18	Name: pi Value: 160846:3
.pubmatic.com/	1970-01-20 09:27:28	Name: chkChromeAb67Sec Value: 2
.criteo.com/	1970-01-20 16:39:28	Name: uid Value: 1331b80d-9d60-4540-9c7e-986ca9141721
.buhoblik.org.ua/	1970-01-20 16:39:28	Name: cto_bundle Value: Iu_xf19xdEE4UHZHUjBzbHp2ME13TEpwcVZDSjdLTm9LMjFvZkVaWGQlMkZXVlFRNDU4NHpLVUJxZnowWmJ2ZkNMZiUyQk80SUtpQVVLUG5TalRVJTJCVVdieU5HYzhWNGZJNklYbkdTbFlQWnhZTUUlMkZ5T2wzQlplZEpjakZ3NXpkUkZOYkdmaE5rdU1uNURBYjhkVFJqOUklMkJDMFNSUWFnJTNEJTNE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1667872300&rafmt=1&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667872301616&bpp=3&bdt=618&idt=171&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&correlator=8129897791964&frm=20&pv=1&ga_vid=541101146.1667872302&ga_sid=1667872302&ga_hid=1902366401&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44775016%2C44777948%2C31065824&oid=2&pvsid=1603603407640633&tmod=506914789&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ppF8Zoowsk&p=https%3A//www.buhoblik.org.ua&dtd=174 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
avto-oblik.com.ua
bidder.criteo.com
buhoblik.org.ua
cat.nl.eu.criteo.com
cdn.admixer.net
cdn4.telegram-cdn.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
creativecdn.com
csi.gstatic.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
m.trafmag.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
prebid-eu.creativecdn.com
r.scoota.co
r3---sn-aigl6nzl.gvt1.com
redirector.gvt1.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
ssl.google-analytics.com
static.criteo.net
telegram.org
tpc.googlesyndication.com
www.buhoblik.org.ua
www.google.com
www.google.com.ua
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xn--r1a.website
142.250.186.66
146.0.227.109
178.250.2.146
178.250.2.148
185.184.8.90
185.64.190.79
185.64.190.80
185.89.210.153
193.200.65.6
198.47.127.20
2001:41d0:602:3b8e::
2001:67c:4e8:f004::9
2404:6800:4009:828::2003
2606:4700::6811:180e
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2003
2a00:1450:4009:f::8
2a02:2638:1::17
2a02:2638:1::1a
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::1c
2a02:2638::2
2a02:2638::3
2a02:2638::c
2a03:90c0:41:2801::254
2a06:6440:0:2d02::1
3.123.169.180
34.111.35.152
52.214.157.74
95.216.186.40
002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d
0035cf9e86c4aad513f043428611de9dd9325316247e0ac7516c6fb8d3cf6715
052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b
06c785a6f113a987f4b7de42c4bfa39ee37adfe5d66f9c46cb90cc07d6733aa9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af2a1768d0349b8994e488c6f090a5654370a058f31a850273770b1bf2a1a79
0f4c7496f538a15a82e6e6921576026625763a847bc65d6f3cd53be3f4a601ee
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13697b2938b3527230451d30c39cd2212348f6e36d5c6f2bd373c57bd153cad7
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
1d08840a75c155fca6642bcc3d7ecc34497f6e0d19d030b1f2e0e249c753cfa3
1da67e20c0a4ac1486f38f01e01cdb805992a3f857ef49dccd9529e6b7571d0c
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
21f2b3323a6d64ee66a495447fed2c707f1f1ea81c611abe5105ea97f00a2146
2305cb6ef037811f37af31f43d2d010b6ad5bceb247e5c74000caf276251b37f
25acfe84806b66b7cd6fa3c4f94183e78a32025415c2bd01d3dfb16340ab2e47
26345a9625172670562d7ab2395db6bd15311e0f6cf5e66f2b4478bd994a7f6d
270da210042927d64ae9d90ac346efb9251673a97dca3bce20cb86bac11fe8de
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
2c9a2879929c9fdef7095f7a7e50abcce73f7479a9739e30be86f9cc5bb5de64
32ae77196cf412d763b87b2aa85b038f536201a0df7164ed74581402b4733511
377d27d86822418762eb956a7d4eec9823d6a9d3fd6f6d3ca0d63fdf374a0b69
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
3ab6bdc45b9e7ecded30d4f1c7b2215e990f446f331d3b646dffd6bb2c081c1c
3e70e149a35f394bb78ef7842de11a06359fed7828f30331594a28d196c54012
3f0e8e48d69bb2ab751a1fb2cc10c2045678763307f82e8f54990aca4aca4f5b
41b5c3b25f4258190937deb900fa57a6db6d450ce7dd2af2259af760119a1c41
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45dc2c74defcfb43d6cffe89888701b72418edb91e77c32d1a0c7aa8d235889b
462d3ff9a98ba9bb2084eb4fe7d829f45143cd721b16eaafb7682c2104f170d2
4908896cedd11c06d17125dbe0c341712807d6334dcba791d83d6f3957721d63
4a003dc58f3e95a18e44712b9161181319e6a40613242cbcac158f6dc8d7339d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4af5ac3969cc9c02051e764dfe344562f0ea9ab2b2d07f19d504454c8246ca9f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2
536dab3f6cefa51f81e172ead35c79e2de704da110f4ee6e8286c3fa782467f2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5883b0172a34ad111128a49accdb497837041f1007b3770d4c35b83db58f0007
595223fd35cecfd0b17cad4a6b877ea300d07073c16b222d49a244029a1cc1f4
5abe4ec1b14120ec963c7bec8267ed0bbdcd52694f48daf0f1a57279748a1c6a
5cd8b1a9770f6d01cc5246e6573f772240544766dc7614cc98c50f401107c594
5cf9a44155f80248435c8e14321de97b9ba279c97627cc2fd09a5f2730805077
5d04a26fe5991b18e92a5815e5fc6cddb6437c9ea1dbe27fbba14066e40ae948
6080610ed8ad1ec28b32a16cd5fb8be853a45dc27de0757acad068588e067a45
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622697f8910d9876a2e24a274c1ff18c071717d1f2f498626f76233196d83294
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
67c87f81d09ca17158df34e8f41945696a59a07e3e4e642725e68ae127faa980
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6a82502c1baab28ba6f410aa012fff53bd4f01d8de430e54589e583a0dc3ce80
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f37fc20a417538f0843b1481c591c9c989f3fee4acc27e0c3b4fa584f6466b8
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
75af46f9855535d00cbfdc0c1b1dc6539373586bf154a9aae5e0855fe52e3a03
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a7c10739ca59c5cd9679fdf04b0a823652d4c4c165936c36e6bd18017c86b15
803df509fe55bade6e1d161b961ff9c59c6645daa104e41b453ca014628d7994
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56
89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ad3781ddc14dbfeb4ceab05fa2a620dc59557c8f4fa2db4a9ef19ced3228779
8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f134d02dbaaa69fde869549843924df75159df9a772686e86d6621235df5f61
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9b1e68362961b7641e00727d943f8b3104889789fca2f38ddd5a9367619f75f2
9c74ed85bbc0ae64417ce1529b4e2f5e0627981a2437d682d18f276878dc1597
9f40990683165a6c0b9eabab4ffbb1b6a2fb9617b2fe3101ee64299245dfe743
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1ea1cf0536ecea857deddeeed195fb49ba0cd3331fccebf690bdcdb422ec17e
a21aa9b84dd8ba15bb105cc6f80e2b17b18b42b3a1056d3f9a0b9ee0f99948e0
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9
a65a796fd1b5d4d3175a82903123ff731f6cf04591a6b5480dce7633558c00ab
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ad3b8591ce06628ac4b723889894eacc632ce12ee10fd59ae7949d343cc47267
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b4dc7118464c434f7caac42fd0535dac1102dfcace0feb4c35e3bb29594b14c3
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b7b093955e7487be1bbec86d8a7ab2012c4716b5cf31b2b6df500edc04c06255
b87673d5f4085602ca52a2a9f1e923a436cfd682dce3050cf78fb11630e8f682
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd
c7e8136357ce5a071686ad38223365029e4cf77be820cd7793f2b16e08052abd
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
c9e5b3217bf2a506c0beef0610f9a3e540bf834d12791ae984f06612bcaa2b43
cbc95dce273933711c5e171acd5ec4c04fd56b5414acd8950150a2edb88c1ff7
cf834601aa3e59f6a61453790dc88447b3d3910cc297be5f7891c41cc0ca21e9
d097bda59092b06b5bb3051bbef1791e8a7fc533a5aa62e40e898b3ec9308249
d575cc2b146b9b03b5d0433b082f6b3e669a004e9c2a7eff46d37e2595f6a5e8
d8d39d296e45d415d0d5ac47436cb13c599b6fb6628a3aedea22495b2f36b66a
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daa086b24cbd2610eb3261446100ff513a4526c5b2bce41e758629f5cd8a6a20
dabffe4a0b71d6abf83cc82c3ed7fcda4cc3582a4197e026117f2dc99c1dde3c
dd6e691a27d07125e04993917cfb3f75ac9d8926f6b66d7c2e45368aa130e660
dd7de43814562f0070a51ec0b52807927c6e35baa26a6fe0688b0c536e78e125
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e372707dc9c57e07626cf0b24366ea118f216fc4e64c29a2230c5c9f8e7507a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b7033bdd850b9dd9847fb31e63627e352e38a3cb5cf5a483ca3d2cc1093c58
e59d8c09b277f6914f2ff5b4f28a68e60f162530bb5eb6025763955f132fb93b
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e4662b3193fc87a622c272737100f9461439f34762095f1f828729c97c3410
f4a16b2ec7d65f705a32ec6ddc629905a9bfee91159d269da19805a8765b84e4
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6454fe4c4deafd5a06d0ade264f0f9ba4bfa5db28cfd60d7fb17338d3b1cc85
fc24207e02e917343e229ac81dfb95975693aef4c1da036bcb8f5c1e17368040
fca1273020811ccc5b793c2f116f4b9fafa29b6a70f76f749f6cbf342a9499c4
fea9410090e77370f2d0d4d67902794536bada2b9db8bb8b5fa859c65d2c4e2c

www.buhoblik.org.ua Open in urlscan Pro 2a06:6440:0:2d02::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

96 %HTTPS

67 %IPv6

26 Domains

45 Subdomains

35 IPs

11 Countries

3903 kBTransfer

6613 kBSize

31 Cookies

0 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.buhoblik.org.ua Open in urlscan Pro
2a06:6440:0:2d02::1 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

96 %
HTTPS

67 %
IPv6

26
Domains

45
Subdomains

35
IPs

11
Countries

3903 kB
Transfer

6613 kB
Size

31
Cookies

160 HTTP transactions
5 data transactions