vchys.com.ua Open in urlscan Pro
136.243.155.228 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://vchys.com.ua/
Submission: On December 11 via api (December 11th 2022, 4:43:43 am UTC) from GB — Scanned from GB

Summary HTTP 187 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 35 IPs in 9 countries across 31 domains to perform 187 HTTP transactions. The main IP is 136.243.155.228, located in Würzburg, Germany and belongs to HETZNER-AS, DE. The main domain is vchys.com.ua.

This is the only time vchys.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	136.243.155.228 136.243.155.228	24940 (HETZNER-AS) (HETZNER-AS)
29	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	193.200.64.20 193.200.64.20	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1 35	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:340... 2a02:26f0:3400::170b:cea2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f08... 2a03:2880:f080:a:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
5 15	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	213.254.244.112 213.254.244.112	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
2	2404:6800:400... 2404:6800:400a:80a::2003	15169 (GOOGLE) (GOOGLE)
1	66.102.1.154 66.102.1.154	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	3.122.156.110 3.122.156.110	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 3	35.157.140.187 35.157.140.187	16509 (AMAZON-02) (AMAZON-02)
2 2	18.158.120.155 18.158.120.155	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:223... 2600:9000:223f:d200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	23.3.109.122 23.3.109.122	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	103.229.206.241 103.229.206.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:9d99:f3a9:72e4:c4e6	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:17::a	15169 (GOOGLE) (GOOGLE)
187	35

18 136.243.155.228 (Würzburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ua3.d5.com.ua

vchys.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.64.20 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: etarg.network

dominantroute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3400::170b:cea2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f080:a:face:b00c:0:8c (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.112 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:80a::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.156.110 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-156-110.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.140.187 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-140-187.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.120.155 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-120-155.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:d200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.3.109.122 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-109-122.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.241 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:9d99:f3a9:72e4:c4e6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:17::a (London, United Kingdom)

ASN15169 (GOOGLE, US)

r5---sn-aigzrnsr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	789 KB
33	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 ad.doubleclick.net — Cisco Umbrella Rank: 164 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 bid.g.doubleclick.net — Cisco Umbrella Rank: 701	235 KB
22	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 269 gcdn.2mdn.net — Cisco Umbrella Rank: 944 r5---sn-aigzrnsr.c.2mdn.net — Cisco Umbrella Rank: 284660	305 KB
18	vchys.com.ua vchys.com.ua	325 KB
13	google.com cse.google.com — Cisco Umbrella Rank: 2902 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 436	172 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	185 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 ajax.googleapis.com — Cisco Umbrella Rank: 311 imasdk.googleapis.com — Cisco Umbrella Rank: 416	203 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	234 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 429 tps.doubleverify.com — Cisco Umbrella Rank: 454 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 20684	111 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 218	3 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 743 r.turn.com — Cisco Umbrella Rank: 3406	869 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1250	461 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3892	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 718	2 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 7344	914 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11213	2 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 321	460 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418	713 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1494	586 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1918	174 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 591	191 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 447	863 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 677	446 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1545	351 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 323	265 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2681	104 B
1	atdmt.com ad.atdmt.com — Cisco Umbrella Rank: 3929
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 840	694 B
1	dominantroute.com dominantroute.com — Cisco Umbrella Rank: 179717	137 KB
187	31

	Domain	Requested by
35	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net vchys.com.ua tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
28	pagead2.googlesyndication.com	vchys.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	s0.2mdn.net	vchys.com.ua s0.2mdn.net googleads.g.doubleclick.net
18	vchys.com.ua	vchys.com.ua
15	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net vchys.com.ua
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net vchys.com.ua
8	www.google.com	cse.google.com www.google.com vchys.com.ua googleads.g.doubleclick.net tpc.googlesyndication.com
6	fonts.googleapis.com	vchys.com.ua googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net vchys.com.ua
5	fonts.gstatic.com	fonts.googleapis.com
3	x.bidswitch.net	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads4.g.doubleclick.net	vchys.com.ua
3	www.gstatic.com	googleads.g.doubleclick.net
2	r5---sn-aigzrnsr.c.2mdn.net	vchys.com.ua
2	sync.teads.tv	1 redirects
2	ads.creative-serving.com	2 redirects
2	pm.w55c.net	2 redirects
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	cdn.doubleverify.com	s0.2mdn.net vchys.com.ua
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	counter.yadro.ru	1 redirects vchys.com.ua
2	cse.google.com	vchys.com.ua www.google.com
2	ajax.googleapis.com	vchys.com.ua
1	tpsc-frc.doubleverify.com	cdn.doubleverify.com
1	gcdn.2mdn.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	r.turn.com	vchys.com.ua
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	ad.atdmt.com	googleads.g.doubleclick.net
1	clients1.google.com	vchys.com.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	dominantroute.com	vchys.com.ua
187	48

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.vchys.com.ua R3	`2022-11-28` - `2023-02-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
dominantroute.com R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2022-09-19` - `2022-12-18`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-10-16` - `2023-01-14`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-29` - `2023-02-07`	2 months	crt.sh

This page contains 25 frames:

Primary Page: http://vchys.com.ua/
Frame ID: 3ED7B5BCB3A37891E1E497AE7BB8BBAA
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: A7363ED23E9F4158F2D0A77059A7AE73
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&adk=1812271804&adf=3025194257&lmt=1670733817&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fvchys.com.ua%2F&ea=0&pra=5&wgl=1&dt=1670733816896&bpp=3&bdt=298&idt=153&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2016954796024&frm=20&pv=2&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=875299809&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=170
Frame ID: B0E8D8AF62BE63FFBED5EC14B10E8817
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=90&slotname=1494452228&adk=2905109319&adf=1076915276&pi=t.ma~as.1494452228&w=728&lmt=1670733817&format=728x90&url=http%3A%2F%2Fvchys.com.ua%2F&wgl=1&dt=1670733816899&bpp=7&bdt=301&idt=173&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=875299809&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vweoasBlaI&p=http%3A//vchys.com.ua&dtd=182
Frame ID: 79EA0599E65345302B4EC0C01D5689CC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&slotname=7401385020&adk=3245228110&adf=3920548723&pi=t.ma~as.7401385020&w=315&fwrn=4&fwrnh=100&lmt=1670733817&rafmt=1&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1670733816932&bpp=27&bdt=334&idt=165&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=875299809&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=eT8vkyG01X&p=http%3A//vchys.com.ua&dtd=168
Frame ID: CB391DF1F0FD66FFE898AB0C4218CF12
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGmbC6w65dyk0n_6p5WhINkwEWV_hi3gKkEET11JIZ_AILRUX7EJPCktCrH9tM2mLHy3o4WSecz313Lgr5_hyiDBNuG1IANbImtbywWjv7xx2ShcoWxJyppWE9_4fskzqaF22ByVl6RvYZjd1o889Q6dnS1ussGT3QMAL0yXICA-YYhtxjHC19znYInmQSiPflRC-SEGCd7QYPAzSEqgR1MEKVmAkhft2jshOyRyUNFp5iu_zWk13BbysS3Eo_1b3AI5FYzVnBB4sPZyeNrWUntZfafzdAwdMfCmaPdUOjqCI8cQlzH5FWfTAC8RwTrGXF1HIDy0ijvYcrmrrYdpDSgbz81K5Yr2-sV1---grpj4K-sOYW5bce2kjGB62nQCsWQV97uMZp_cl-BJMXQiAWUy49FbWt1pvwI4L2CZAVTJrssdrGRH3EuRfpDAGm512U9GJaIjy1PnoNHWtBF1kWV80YuJ7On-r5UKRbsNUmkAI9YLj0NXo75N-rYJsfM5e7a8FJO4mvP-yai5Xy7jLOHMExUwZNuuHmEwsAje0lfxoPfOmeJBFpzDMNj4NCbgIwJcvWsBFJEZcOK7PkBNfycEUMaj7IVPrpi32RDlQhF9l1PL9IzVQnnicAKGnkHbgKexUN9i85al1vLr24Effi2PvJa0AxX5J1xIEeDmD-I_usdeOor9BP-hkGIqddJq-edxFeHjE9OS-J_V15FC_4pFHAepKcgY8Rt8xw-obQC9tCaVWZIEc_U_spdComVQAzJTvvCejxCSlBl1HDKxrGtgkVmIjaadGXoLlMfbg0BXr6reMkN28x52KLXVUadmfMZ_-wnvx-MqVpKycROZ9_C0eZkOnBgbLVx2qLerWx69HhpOjnSKVdOh16_4RpSwKZZCBOuDzdOm9zkHuKq9Qy5Z_i-_Bk2ZOW3c0JZRj-lnytmcgs2dADvnPPTIHCKaWL2TI-iUkTVyrdAliVJPcqeesY1PoMzycw&sai=AMfl-YSykGALH2YFiT-MdDPIFh2sPh2idmQrFT09bysKh6BQkcd-OwV6BBOpL55td9ZCVBX2t6zuSiUDNnYuBc-37M8EgqNuQjtjybAkmc7Zs9HQZuTCNKUp2krFM08iaa1CUbLGkz2Qw7gG8RyFLGCAhur4D8McP7vaGdjlH8y6dZLhkl5E_Wnsl-4VLCJOBczbnwjhOlQAiGrLV800qB6EOrK6A4k8sEHAH6NFRQ2YgMb42dtv-z3gtg&sig=Cg0ArKJSzCoxhu1KiiYbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 0D91016DC59C6B85072AF236649B36C4
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1670733817&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1670733817578&bpp=1&bdt=980&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ykmdvsAa68&p=http%3A//vchys.com.ua&dtd=40
Frame ID: 9DCA97A8EFF8AB6106082875DC68ACEE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=2732199629&adf=681586689&pi=t.aa~a.317283392~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670733817&rafmt=1&to=qs&pwprc=3519743202&format=1200x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1670733817624&bpp=1&bdt=1026&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=V2N1h57Nqt&p=http%3A//vchys.com.ua&dtd=6
Frame ID: 2D933AA41C4A2EB6C88C858EFBB8C2AA
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D31E31E9FDDAEDE44F0C75636C2EBA1E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Frame ID: F3BD777D4CB5F930FCF31B8537E7915A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Frame ID: BA0A07E7C6037C24C274DABD3431FA67
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
Frame ID: B337E44BC4F95478EA493DC4C0F5CA51
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXz57kCEMKYjJEEGLb92NsBMAE&v=APEucNUXcTWsHVOqpcw0H3eN_nhXoZR6onium8E4N77A9Vo0PlFbcMJTg1fl-W_XpMOwHf8lNMoZwIZj5ime62bue-60eL_LlGC2596q87iD-K4L8QnPxfKikc3nxgRVQTQszx0HcjS30m4a2jzt0iqx3dxq-S4KNfhjD57Cfu7KFX68f0xHNks
Frame ID: B3EF9A14858553D08660D38ACC0A2948
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Frame ID: F421737C26B6848BA86BE32CAEFEFAAE
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 08FC528B357635A4CE35C51A050A3853
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Frame ID: 6A2062FDDDB1948B219105BBD6FA0100
Requests: 12 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3317.js
Frame ID: 8901B45A4AB9BED2B16833E25242D4CE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 5F16AFFAEB8978EA106486A69AE786A6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 933CFDE049E37F801445A2C7618DEC6C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3B1AA1D2E17FA75FB13AF5C6CC7AC76F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: D6FA57A4336AF68CF60665872A1E8228
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: A6020E78B58114DB8B42838244329F12
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B5507D294B75FC44538D03D9FE64881A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A0FD5C691EC85158F2CE49106639617
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0159245B30613F081F2A1438F737DDB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VCHYS.COM.UA - Навчання Онлайншукати

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

187
Requests

80 %
HTTPS

51 %
IPv6

31
Domains

48
Subdomains

35
IPs

9
Countries

2700 kB
Transfer

6993 kB
Size

28
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://counter.yadro.ru/hit?t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.9170133329461982 HTTP 302
https://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.9170133329461982

Request Chain 51

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26539136.345105722;dc_trk_aid=537032362;dc_trk_cid=160047747;ord=2965417205;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26539136.345105722;dc_pre=CIuu2r3g8PsCFdCw3godq14PSg;dc_trk_aid=537032362;dc_trk_cid=160047747;ord=2965417205;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 54

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX7dCyHBD6ARj6ATIINLr0xKtPtEA HTTP 301
https://tpc.googlesyndication.com/simgad/11451250718949484972

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPW8dIwZIsz639BdI8u9PE8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPW8dIwZIsz639BdI8u9PE8&google_cver=1&C=1

Request Chain 93

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5Vf.jEtaJxmLMTRQ6COCwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPW8dIwZIsz639BdI8u9PE8&google_cver=1&google_hm=2

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBdtC0_VuHC_d-63AgOJhDA&google_cver=1

Request Chain 95

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ1Njg2NjkxNDExNDAzOTU1

Request Chain 151

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDQb5hMegu9DQcv-YRXwH98&google_cver=1&google_push=ASkJ3FbbleJT4ojQZ3-hPgiofSZ-UxSWkHhYUoGg3P47sWewVyOEE8ZxzaPiaBzf2sf8D-OnsNxrp7pD5NsRNuoZmikN7EQ8EUXXgiEH HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDQb5hMegu9DQcv-YRXwH98&google_cver=1&google_push=ASkJ3FbbleJT4ojQZ3-hPgiofSZ-UxSWkHhYUoGg3P47sWewVyOEE8ZxzaPiaBzf2sf8D-OnsNxrp7pD5NsRNuoZmikN7EQ8EUXXgiEH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0o4NWZhME0xUDRlYkU1&google_gid=CAESEDQb5hMegu9DQcv-YRXwH98&google_cver=1&google_push=ASkJ3FbbleJT4ojQZ3-hPgiofSZ-UxSWkHhYUoGg3P47sWewVyOEE8ZxzaPiaBzf2sf8D-OnsNxrp7pD5NsRNuoZmikN7EQ8EUXXgiEH

Request Chain 153

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEwEV5lunSptODSpT_Dj2dM&google_cver=1&google_push=ASkJ3FbEPNrHaSjE78K6WIEIzeAgmZDxP0D2oJt0z7DxEIORuN8mOkMXz-uw76OSB3nu0XmsHWTH-N_kkw_w0Rv8Qlj3UpxlrWOuSCE HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEwEV5lunSptODSpT_Dj2dM&google_cver=1&google_push=ASkJ3FbEPNrHaSjE78K6WIEIzeAgmZDxP0D2oJt0z7DxEIORuN8mOkMXz-uw76OSB3nu0XmsHWTH-N_kkw_w0Rv8Qlj3UpxlrWOuSCE HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=6a891f8e-074c-464a-87b2-5e3e78b1e5c8 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=6a891f8e-074c-464a-87b2-5e3e78b1e5c8 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=d6816471-faa6-460d-84f5-85a6437745bf&ssp=google&expires=30&user_group=5&bsw_param=6a891f8e-074c-464a-87b2-5e3e78b1e5c8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbEPNrHaSjE78K6WIEIzeAgmZDxP0D2oJt0z7DxEIORuN8mOkMXz-uw76OSB3nu0XmsHWTH-N_kkw_w0Rv8Qlj3UpxlrWOuSCE&google_hm=aokfjgdMRkqHsl4-eLHlyA==

Request Chain 155

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEiAWVNyrFDmp5I38G4II4Y&google_cver=1&google_push=ASkJ3FY1-EgxIZRa_18L0Ojx2AuroB0OhPCvkaWfb6klRuGIyltYtPCy-t1YD-GtotTPgkr0l-hZALVmjfjskQR3IFFJO-1AQoWGkvR7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FY1-EgxIZRa_18L0Ojx2AuroB0OhPCvkaWfb6klRuGIyltYtPCy-t1YD-GtotTPgkr0l-hZALVmjfjskQR3IFFJO-1AQoWGkvR7

Request Chain 156

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDzMW4jd_n-Xf1cIf4AkODA&google_cver=1&google_push=ASkJ3FaoFOdhcRA1GtB2rN1KmTLZAUCLcpkGiGyOTi-1idBsqqK6udRpbfSlRsqWEsBawvth0zUle_rrLUhPzYYZ0WpZZOVmEUhCb0DNdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FaoFOdhcRA1GtB2rN1KmTLZAUCLcpkGiGyOTi-1idBsqqK6udRpbfSlRsqWEsBawvth0zUle_rrLUhPzYYZ0WpZZOVmEUhCb0DNdA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 159

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL6Ves8BBsMpM6586wXmsu0&google_cver=1&google_push=ASkJ3FZCssj5VW9p1q0to47DEpHkszDNElijGWK25VvoOj1yc3OxP4hWyMuJxBT0TDFGNw2rH21TSJbXaYR6Q94agO85WGoiv0xsfq4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE1NTM4MjczOTUyNjQ5MjcxMg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3o-b5jjFs8qsBJqwEYmxk&google_cver=1

Request Chain 160

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELr3pwSHzxXXv4oLR2gnqn8&google_cver=1&google_push=ASkJ3FawXJMma9Dl_cAwK9AuXZrJB6nH-x--Wn9itVIC0kIe2SvQPeGlk5JOcEnI9SkiTxLfBBl91cBb20x6s6OTni0uJUmjpepsLg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FawXJMma9Dl_cAwK9AuXZrJB6nH-x--Wn9itVIC0kIe2SvQPeGlk5JOcEnI9SkiTxLfBBl91cBb20x6s6OTni0uJUmjpepsLg

Request Chain 163

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN69VfCxovOqPLaZC-pytv8&google_cver=1&google_push=ASkJ3FZPi_4jHqjkxuUAhsgMvlpwXee4vQdg9gjmdiQ_QkIWxGu2vzHypdUKxz3m0fuujVMQZhHUXBiPqzFbfqrTONlhe7-FYJGMMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NTc0NzEwODYzOTQwNjIyMg%3D%3D&google_push=ASkJ3FZPi_4jHqjkxuUAhsgMvlpwXee4vQdg9gjmdiQ_QkIWxGu2vzHypdUKxz3m0fuujVMQZhHUXBiPqzFbfqrTONlhe7-FYJGMMg

Request Chain 164

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPzGeaSPsivLwoJTJDXxQgs&google_cver=1&google_push=ASkJ3FZWmeMZtF_noaO41eJcj1xlMASSYMxn3scGfmrcJ-yAf5VLdWAfTVbHckYeMjRvvh6s-xEoQ4xSCQAlKoS7neFaoPf2ZAJknV4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZWmeMZtF_noaO41eJcj1xlMASSYMxn3scGfmrcJ-yAf5VLdWAfTVbHckYeMjRvvh6s-xEoQ4xSCQAlKoS7neFaoPf2ZAJknV4&google_hm=eS1IV003UUxaRTJwRTA1QWU3SUtPOHhPQzBZMEs2TUx5Ln5B

Request Chain 165

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGCBkO2qJVKWNdl7Ib1y4_M&google_cver=1&google_push=ASkJ3FbZjxo0E1Tf4IJD8GagFy92G4_IG9v7WM32wGc3KpQuCM_jfNShSKcgmtR_QGjsmYB3ONVOQxHR5dinuu6YQ4zvkaYuw8z3j8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJJVlMwWUEtQi0yNzUz&google_push=ASkJ3FbZjxo0E1Tf4IJD8GagFy92G4_IG9v7WM32wGc3KpQuCM_jfNShSKcgmtR_QGjsmYB3ONVOQxHR5dinuu6YQ4zvkaYuw8z3j8s

Request Chain 172

https://gcdn.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702269818/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/64229DB65DB7BA01CAA7EAB93A45A5FFC2BCB020.660295FE8026AD4E4D1FC163CF44A5DA00C586D2/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-aigzrnsr.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702269818/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5855F7BC1F831593745738A33A59D14547BD6023.15B36EB2408B832167360613242FF050AD803CE1/key/cms1/cms_redirect/yes/mh/wz/mip/2001:ac8:21:e::6/mm/42/mn/sn-aigzrnsr/ms/onc/mt/1670733646/mv/m/mvi/5/pl/48/file/file.mp4

187 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
vchys.com.ua/ 286 KB
18 KB 466ms
283ms Document
text/html 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 / PHP/7.4.30
Resource Hash: 74582baac2f4399283844f099e127cba15a183c2e887147a3af7ed2c49b95c58

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 11 Dec 2022 04:43:36 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache/2
Transfer-Encoding: chunked
Upgrade: h2,h2c
Vary: User-Agent
X-Powered-By: PHP/7.4.30

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 203ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7701227f533e90a8ae535cf5a68e294809b1c07db8f14c9bc5b2b80b12f85ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49624
x-xss-protection: 0
server: cafe
etag: 18174927746262858838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 04:43:36 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 8 KB
1 KB 104ms
58ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39d27420dbf428a92a85c8b6051ed58dfdf45ae14c5632595f65ed72a6b46ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sun, 11 Dec 2022 04:43:36 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 11 Dec 2022 04:43:36 GMT

GET
H2 200 normalize.css
vchys.com.ua/text-menu/css/ 2 KB
883 B 192ms
60ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vchys.com.ua/text-menu/css/normalize.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 2f8d2146bbcb6552c686ea04d4bc2bd5791c8d4c796c73d91241b01792620eda

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:36 GMT
content-encoding: gzip
last-modified: Sun, 09 Dec 2018 22:36:23 GMT
server: Apache/2
etag: "721-57c9e7a5ac7c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 830

GET
H2 200 slinky.min.css
vchys.com.ua/text-menu/css/ 2 KB
940 B 188ms
56ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vchys.com.ua/text-menu/css/slinky.min.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: a2fc0b7634ad909fbbf3a26e5ee6b34c8baedf354649863c5935ddfad9a19e1f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:36 GMT
content-encoding: gzip
last-modified: Sun, 09 Dec 2018 22:36:23 GMT
server: Apache/2
etag: "8c9-57c9e7a5ac7c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 795

GET
H2 200 demo.css
vchys.com.ua/text-menu/css/ 2 KB
1 KB 190ms
58ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vchys.com.ua/text-menu/css/demo.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: c7c3b30067a4397a1a5748329a4aca793f5b43a0058408c8a38cdff4d46c7c61

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:36 GMT
content-encoding: gzip
last-modified: Sun, 09 Dec 2018 22:36:22 GMT
server: Apache/2
etag: "99b-57c9e7a4b8580-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 953

GET
H/1.1 200
OK sharestyle.css
vchys.com.ua/templates/Vchys/css/ 1 KB
918 B 101ms
54ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/css/sharestyle.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 1955e35543309ca044a7071e173a7953ce9c0abf99ca51442dc81fdf20a262f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Dec 2018 11:11:22 GMT
Server: Apache/2
ETag: "5de-57dc2a829ea80-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 586

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1/ 94 KB
33 KB 222ms
91ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 18:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 18:38:25 GMT

GET
H/1.1 200
OK share.js Show response
vchys.com.ua/templates/Vchys/js/ 3 KB
1 KB 56ms
56ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/share.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: af1a45f830aed8f072a2ed0e9a1dd4aea40391d1eb8a33c39181b5c05bed53bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Dec 2018 21:13:44 GMT
Server: Apache/2
ETag: "caf-57d3e41817200-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1181

GET
H2 200 devices.min.css
vchys.com.ua/text-menu/css/ 42 KB
6 KB 220ms
89ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vchys.com.ua/text-menu/css/devices.min.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 6ec5e1101ea00048a692f3a4baa491dac4e16ec88d52e6f3a4fd17f47eac44c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:36 GMT
content-encoding: gzip
last-modified: Sun, 09 Dec 2018 22:36:22 GMT
server: Apache/2
etag: "a7a6-57c9e7a4b8580-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 6017

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 175ms
45ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 00:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 00:11:57 GMT

GET
H2 200 slinky.min.js Show response
vchys.com.ua/text-menu/js/ 4 KB
2 KB 192ms
61ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vchys.com.ua/text-menu/js/slinky.min.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 1b925cd36e4d7035c4443ff5ce5f8baa93e6b2cf7c9492791276783453c2aa87

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:36 GMT
content-encoding: gzip
last-modified: Sun, 09 Dec 2018 22:36:24 GMT
server: Apache/2
etag: "1066-57c9e7a6a0a00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 1548

GET
H/1.1 200
OK index.php
vchys.com.ua/engine/classes/min/ 203 KB
50 KB 127ms
75ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/engine/classes/min/index.php?f=/templates/Vchys/css/font-awesome.css,/templates/Vchys/css/owl.carousel.css,/templates/Vchys/css/style.css,/templates/Vchys/css/widgets.css,/templates/Vchys/css/engine.css,/templates/Vchys/css/menu.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 / PHP/7.4.30
Resource Hash: 0368c51ee0901e3ae2569a661f8b4d4e8f4ecdfab2508d7b3f0123ddef5ac3b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Dec 2018 19:41:53 GMT
Server: Apache/2
X-Powered-By: PHP/7.4.30
ETag: "pub1545334913;gz"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=15552000
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 51029
Expires: Fri, 09 Jun 2023 04:43:36 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
52 KB 113ms
69ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7694385b81ddc4f2410152f4120172677335aaf07b0213a1d82172a9d389afa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52261
X-XSS-Protection: 0
Server: cafe
ETag: 17781156388586287749
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sun, 11 Dec 2022 04:43:36 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
4 KB 192ms
73ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-2383127339930356:ysrdufrqsay

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

b94f4ea14a22b6dce298e06f5cb378dc8b6c450ee389306815063f5b18d09aeb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2920
x-xss-protection: 0
bfcache-opt-in: unload
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H/1.1 200
OK index.php Show response
vchys.com.ua/engine/classes/min/ 203 KB
61 KB 114ms
61ms Script
application/x-javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/engine/classes/min/index.php?charset=utf-8&g=general&19
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 / PHP/7.4.30
Resource Hash: d75d0791b92689369d15650ee74fd6b830252eb010653957237c62401edd8da7

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Jun 2018 13:34:00 GMT
Server: Apache/2
X-Powered-By: PHP/7.4.30
ETag: "pub1528551240;gz"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 61716
Expires: Mon, 11 Dec 2023 04:43:36 GMT

GET
H/1.1 200
OK default.css
vchys.com.ua/engine/editor/css/ 2 KB
1 KB 63ms
57ms Stylesheet
text/css 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/engine/editor/css/default.css
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 0ea67b9a3f6abf27433c6b4404e9aee6db762784fd66c3420516668e87b3d4d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Jun 2018 13:35:09 GMT
Server: Apache/2
ETag: "974-56e3595cb3d40-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 718

GET
H/1.1 200
OK owl.carousel.min.js Show response
vchys.com.ua/templates/Vchys/js/ 23 KB
7 KB 109ms
57ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/owl.carousel.min.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Nov 2018 17:26:51 GMT
Server: Apache/2
ETag: "5d52-57b07d28d0cc0-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 6465

GET
H/1.1 200
OK masonry.min.js Show response
vchys.com.ua/templates/Vchys/js/ 25 KB
8 KB 138ms
57ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/masonry.min.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 33ae362801df6760d197feb6424b31cd4a3c0f04cb5c390e3f5fb9cec197b765

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Nov 2018 17:26:51 GMT
Server: Apache/2
ETag: "62a2-57b07d28d0cc0-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 7627

GET
H/1.1 200
OK scripts.js Show response
vchys.com.ua/templates/Vchys/js/ 4 KB
2 KB 136ms
55ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/scripts.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 8b9d189ee42d3345adcb082b1f8e51a1ba07c48f903cbf2106891274dcf01b18

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Nov 2018 17:26:51 GMT
Server: Apache/2
ETag: "eb2-57b07d28d0cc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 1389

GET
H/1.1 200
OK gdz1.js Show response
vchys.com.ua/templates/Vchys/js/ 171 KB
53 KB 147ms
65ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/gdz1.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 9bf15c219c564c48e8306f34c0243e7ef0fba5f85ddaf2f7c2ca044b3279cccc

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Nov 2018 17:26:50 GMT
Server: Apache/2
ETag: "2abdc-57b07d27dca80-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 53979

GET
H/1.1 200
OK gdz2.js Show response
vchys.com.ua/templates/Vchys/js/ 20 KB
5 KB 167ms
56ms Script
application/javascript 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/js/gdz2.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 7753657361b802b159fc0bdb146186b65cadc5785a257b494ca22b05b9528e58

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Nov 2018 17:26:50 GMT
Server: Apache/2
ETag: "50a4-57b07d27dca80-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 4393

GET
H/1.1 404
Not Found /
vchys.com.ua/templates/Vchys/css/ 33 KB
33 KB 395ms
395ms Image
text/html 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vchys.com.ua/templates/Vchys/css/
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/engine/classes/min/index.php?f=/templates/Vchys/css/font-awesome.css,/templates/Vchys/css/owl.carousel.css,/templates/Vchys/css/style.css,/templates/Vchys/css/widgets.css,/templates/Vchys/css/engine.css,/templates/Vchys/css/menu.css
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 / PHP/7.4.30
Resource Hash: 378c520dce7ff876c9b301630fabc4544730cf62aefa4e385d696e2635611069

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/engine/classes/min/index.php?f=/templates/Vchys/css/font-awesome.css,/templates/Vchys/css/owl.carousel.css,/templates/Vchys/css/style.css,/templates/Vchys/css/widgets.css,/templates/Vchys/css/engine.css,/templates/Vchys/css/menu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 04:43:36 GMT
Content-Encoding: gzip
Server: Apache/2
X-Powered-By: PHP/7.4.30
Vary: User-Agent
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
45 KB 88ms
45ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://vchys.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 19:23:26 GMT
X-Content-Type-Options: nosniff
Age: 465610
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 44856
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 05 Dec 2023 19:23:26 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 26 KB
26 KB 87ms
44ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://vchys.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 10 Dec 2022 09:44:42 GMT
X-Content-Type-Options: nosniff
Age: 68334
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 26240
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:14:37 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 10 Dec 2023 09:44:42 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
117 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2383127339930356&plah=vchys.com.ua&bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3840f7e1a850174d972123f9177d4c3fe4136f6ef85d7dfd9d021934ffcdd6b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120010
x-xss-protection: 0
server: cafe
etag: 15070692727232275435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 04:43:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame A736 10 KB
5 KB 139ms
43ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 23187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 22:17:10 GMT
etag: 10353107486223812946
expires: Sat, 24 Dec 2022 22:17:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.917013332946...
https://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.9170133329...

444 B
930 B

82ms
78ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.9170133329461982

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fd4d2a365a8dad1a06d041101943c79d4e6c55791fe35e88b64a53b8835a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 04:43:37 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 444
Expires: Fri, 10 Dec 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 04:43:37 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t42.6;r;s1600*1200*24;uhttp%3A//vchys.com.ua/;hVCHYS.COM.UA%20-%20%u041D%u0430%u0432%u0447%u0430%u043D%u043D%u044F%20%u041E%u043D%u043B%u0430%u0439%u043D;0.9170133329461982
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Fri, 10 Dec 2021 21:00:00 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
vchys.com.ua/templates/Vchys/fonts/ 75 KB
76 KB 57ms
57ms Font
application/octet-stream 136.243.155.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vchys.com.ua/templates/Vchys/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/engine/classes/min/index.php?f=/templates/Vchys/css/font-awesome.css,/templates/Vchys/css/owl.carousel.css,/templates/Vchys/css/style.css,/templates/Vchys/css/widgets.css,/templates/Vchys/css/engine.css,/templates/Vchys/css/menu.css
Protocol: HTTP/1.1
Server: 136.243.155.228 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ua3.d5.com.ua
Software: Apache/2 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://vchys.com.ua/engine/classes/min/index.php?f=/templates/Vchys/css/font-awesome.css,/templates/Vchys/css/owl.carousel.css,/templates/Vchys/css/style.css,/templates/Vchys/css/widgets.css,/templates/Vchys/css/engine.css,/templates/Vchys/css/menu.css
Origin: http://vchys.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:37 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Jun 2018 13:39:07 GMT
Server: Apache/2
ETag: "12d68-56e35a3fad4c0-gzip"
Vary: Accept-Encoding,User-Agent
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98

GET
H/1.1 200
OK vinos.js Show response
dominantroute.com/bens/ 137 KB
137 KB 328ms
131ms Script
text/javascript 193.200.64.20
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dominantroute.com/bens/vinos.js?24808&u=null&a=0.9828982159198174
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.64.20 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: etarg.network
Software: nginx /
Resource Hash: 1625a7121dceb87b03bd71920c9017eebe1e36f92db77c25b99bc88fcdd5584a

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/javascript; charset=utf-8
Date: Sun, 11 Dec 2022 04:43:37 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa TIA"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
694 B 199ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vchys.com.ua&callback=_gfp_s_&client=ca-pub-2383127339930356&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2383127339930356&plah=vchys.com.ua&bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43f8d735dfa2d95444c3fe510c63d222b355d271c1d1dd66347323bcedb69129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 179ms
54ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vchys.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 154ms
56ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vchys.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fvchys.com.ua%2F&tn=DIV&cls=header%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0E8 217 KB
60 KB 468ms
379ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&adk=1812271804&adf=3025194257&lmt=1670733817&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fvchys.com.ua%2F&ea=0&pra=5&wgl=1&dt=1670733816896&bpp=3&bdt=298&idt=153&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2016954796024&frm=20&pv=2&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=875299809&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=170

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0817ca0b440a99aee3486e44c51d9610e03116464e27759f4087761ac6dd40db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 61517
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 04:43:37 GMT
expires: Sun, 11 Dec 2022 04:43:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 79EA 97 KB
32 KB 373ms
297ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=90&slotname=1494452228&adk=2905109319&adf=1076915276&pi=t.ma~as.1494452228&w=728&lmt=1670733817&format=728x90&url=http%3A%2F%2Fvchys.com.ua%2F&wgl=1&dt=1670733816899&bpp=7&bdt=301&idt=173&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=875299809&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vweoasBlaI&p=http%3A//vchys.com.ua&dtd=182

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

714af8a42c52314c6b001daa7232340957c3bee0ecd1348fa3ecdaf67ce72682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33024
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 04:43:37 GMT
expires: Sun, 11 Dec 2022 04:43:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB39 113 KB
40 KB 382ms
326ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&slotname=7401385020&adk=3245228110&adf=3920548723&pi=t.ma~as.7401385020&w=315&fwrn=4&fwrnh=100&lmt=1670733817&rafmt=1&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1670733816932&bpp=27&bdt=334&idt=165&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=875299809&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=eT8vkyG01X&p=http%3A//vchys.com.ua&dtd=168

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93820037c52e7ddaf7048a16042082e47becb24a191cc1716fa1c18719fc4c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 40513
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 04:43:37 GMT
expires: Sun, 11 Dec 2022 04:43:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse_element__uk.js Show response
www.google.com/cse/static/element/f275a300093f201a/ 305 KB
101 KB 212ms
105ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/cse_element__uk.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2383127339930356:ysrdufrqsay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5073a2af4e54a5446f976ec70c965f7268502d087441aec6e50939cd05cec2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 14:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103675
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 08 Dec 2023 14:41:47 GMT

GET
H2 200 default+uk.css
www.google.com/cse/static/element/f275a300093f201a/ 41 KB
9 KB 152ms
45ms Stylesheet
text/css 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/default+uk.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2383127339930356:ysrdufrqsay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 06 Dec 2023 00:38:05 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 209ms
103ms Stylesheet
text/css 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2383127339930356:ysrdufrqsay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 11 Dec 2022 05:08:18 GMT

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
52 KB 96ms
53ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/cse_element__uk.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "7903281105347033007"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 135ms
44ms Image
image/png 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/default+uk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/cse/static/element/f275a300093f201a/default+uk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 11:51:47 GMT
x-content-type-options: nosniff
age: 147110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 09 Dec 2023 11:51:47 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/uk/ 1 KB
1 KB 133ms
45ms Image
image/png 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/uk/branding.png

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 09:44:58 GMT
x-content-type-options: nosniff
age: 68319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1500
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 10 Dec 2023 09:44:58 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 100ms
43ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:37 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 css
fonts.googleapis.com/ Frame 79EA 4 KB
1 KB 157ms
56ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=90&slotname=1494452228&adk=2905109319&adf=1076915276&pi=t.ma~as.1494452228&w=728&lmt=1670733817&format=728x90&url=http%3A%2F%2Fvchys.com.ua%2F&wgl=1&dt=1670733816899&bpp=7&bdt=301&idt=173&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=875299809&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vweoasBlaI&p=http%3A//vchys.com.ua&dtd=182

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 03:42:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 79EA 2 KB
846 B 229ms
129ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 18:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 18:25:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 79EA 23 KB
9 KB 207ms
107ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 23:50:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 79EA 3 KB
1 KB 225ms
129ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 22:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 22:27:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 79EA 18 KB
8 KB 144ms
44ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 13:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 13:45:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79EA 153 KB
47 KB 152ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 79EA 34 KB
14 KB 148ms
45ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:34:40 GMT

GET
H3

200

B26539136.345105722;dc_pre=CIuu2r3g8PsCFdCw3godq14PSg;dc_trk_aid=537032362;dc_trk_cid=160047747;ord=2965417205;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= Show response
ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/ Frame 79EA
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26539136.345105722;dc_trk_aid=537032362;dc_trk_cid=160047747;ord=2965417205;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26539136.345105722;dc_pre=CIuu2r3g8PsCFdCw3godq14PSg;dc_trk_aid=537032362;dc_trk_cid=160047747;ord=2965417205;dc_lat=;dc_rd...

42 B
63 B

159ms
68ms

Fetch
image/gif

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26539136.345105722;dc_pre=CIuu2r3g8PsCFdCw3godq14PSg;dc_trk_aid=537032362;dc_trk_cid=160047747;ord=2965417205;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Requested by

Protocol

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26539136.345105722;dc_pre=CIuu2r3g8PsCFdCw3godq14PSg;dc_trk_aid=537032362;dc_trk_cid=160047747;ord=2965417205;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 79EA 0
0 90ms
90ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtjY8-V-VY8mlDKCG9u8P78yp2AGLpPPebeqrtp35D4vh04fIARABIIPpnjdgu4aAgNAKoAH4nfjiA8gBCakCmpJZifmusT6oAwHIA8sEqgS_AU_QjG1VZH6MudIsYYl5UKIfSUIGhQeOwJp9lalL_rkQlRkdeqdQg2KcLyAxwYJgbPZCtYt2oABfqyqE_KEeWJw-SmjjE_4bo8POV7hJ2nJKP72qn5KozUYxOyhIj2Lb0ZE_kDoU9Vx77-0y8p3iwBSu-NItmVTbMwPa7e2kDJKTtPpsrORFBVAF8W35npkJ2cWIAaMXmW735sTyxFN2JGlb2sArXAB9jmb3q5v8TgRGhrUA2jr6pHXKtVQRtFfPwATTyJXVkQSSBQQIBBgBkgUECAUYBKAGLoAHte2p1gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQg8MD0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItMjM4MzEyNzMzOTkzMDM1NhgA&sigh=JihtxMP9jIc&uach_m=[UACH]&cid=CAQSGwDq26N9dSMlwO8NBO5IChfyJdH_-1XCSjrIBBgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=90&slotname=1494452228&adk=2905109319&adf=1076915276&pi=t.ma~as.1494452228&w=728&lmt=1670733817&format=728x90&url=http%3A%2F%2Fvchys.com.ua%2F&wgl=1&dt=1670733816899&bpp=7&bdt=301&idt=173&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=875299809&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=vweoasBlaI&p=http%3A//vchys.com.ua&dtd=182
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Dec 2022 04:43:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
DATA 200
OK truncated
/ Frame 79EA 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

11451250718949484972
tpc.googlesyndication.com/simgad/ Frame 79EA
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX7dCyHBD6ARj6ATIINLr0xKtPtEA
https://tpc.googlesyndication.com/simgad/11451250718949484972

15 KB
15 KB

77ms
51ms

Image
image/jpeg

2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11451250718949484972

Requested by

Protocol

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93c42da1bb50f07b79321a02d58ba029a7a6acfb73a02fd3bb536fbc395fcd17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:37:40 GMT
x-content-type-options: nosniff
age: 155157
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15583
x-xss-protection: 0
last-modified: Thu, 02 Jul 2020 21:33:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 09:37:40 GMT

Redirect headers

date: Sat, 10 Dec 2022 17:56:26 GMT
x-content-type-options: nosniff
server: cafe
age: 38831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/11451250718949484972
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 09 Jan 2023 17:56:26 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0D91 0
0 199ms
93ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGmbC6w65dyk0n_6p5WhINkwEWV_hi3gKkEET11JIZ_AILRUX7EJPCktCrH9tM2mLHy3o4WSecz313Lgr5_hyiDBNuG1IANbImtbywWjv7xx2ShcoWxJyppWE9_4fskzqaF22ByVl6RvYZjd1o889Q6dnS1ussGT3QMAL0yXICA-YYhtxjHC19znYInmQSiPflRC-SEGCd7QYPAzSEqgR1MEKVmAkhft2jshOyRyUNFp5iu_zWk13BbysS3Eo_1b3AI5FYzVnBB4sPZyeNrWUntZfafzdAwdMfCmaPdUOjqCI8cQlzH5FWfTAC8RwTrGXF1HIDy0ijvYcrmrrYdpDSgbz81K5Yr2-sV1---grpj4K-sOYW5bce2kjGB62nQCsWQV97uMZp_cl-BJMXQiAWUy49FbWt1pvwI4L2CZAVTJrssdrGRH3EuRfpDAGm512U9GJaIjy1PnoNHWtBF1kWV80YuJ7On-r5UKRbsNUmkAI9YLj0NXo75N-rYJsfM5e7a8FJO4mvP-yai5Xy7jLOHMExUwZNuuHmEwsAje0lfxoPfOmeJBFpzDMNj4NCbgIwJcvWsBFJEZcOK7PkBNfycEUMaj7IVPrpi32RDlQhF9l1PL9IzVQnnicAKGnkHbgKexUN9i85al1vLr24Effi2PvJa0AxX5J1xIEeDmD-I_usdeOor9BP-hkGIqddJq-edxFeHjE9OS-J_V15FC_4pFHAepKcgY8Rt8xw-obQC9tCaVWZIEc_U_spdComVQAzJTvvCejxCSlBl1HDKxrGtgkVmIjaadGXoLlMfbg0BXr6reMkN28x52KLXVUadmfMZ_-wnvx-MqVpKycROZ9_C0eZkOnBgbLVx2qLerWx69HhpOjnSKVdOh16_4RpSwKZZCBOuDzdOm9zkHuKq9Qy5Z_i-_Bk2ZOW3c0JZRj-lnytmcgs2dADvnPPTIHCKaWL2TI-iUkTVyrdAliVJPcqeesY1PoMzycw&sai=AMfl-YSykGALH2YFiT-MdDPIFh2sPh2idmQrFT09bysKh6BQkcd-OwV6BBOpL55td9ZCVBX2t6zuSiUDNnYuBc-37M8EgqNuQjtjybAkmc7Zs9HQZuTCNKUp2krFM08iaa1CUbLGkz2Qw7gG8RyFLGCAhur4D8McP7vaGdjlH8y6dZLhkl5E_Wnsl-4VLCJOBczbnwjhOlQAiGrLV800qB6EOrK6A4k8sEHAH6NFRQ2YgMb42dtv-z3gtg&sig=Cg0ArKJSzCoxhu1KiiYbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Dec 2022 04:43:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0D91 106 KB
38 KB 162ms
44ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Dec 2022 15:32:31 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame 0D91 6 KB
2 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&slotname=7401385020&adk=3245228110&adf=3920548723&pi=t.ma~as.7401385020&w=315&fwrn=4&fwrnh=100&lmt=1670733817&rafmt=1&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1670733816932&bpp=27&bdt=334&idt=165&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=875299809&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=eT8vkyG01X&p=http%3A//vchys.com.ua&dtd=168

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 23:59:14 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D91 41 KB
15 KB 111ms
55ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:32:31 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 0D91 35 KB
14 KB 149ms
92ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 18:32:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14217
x-xss-protection: 0
server: cafe
etag: 13612117104345174519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 18:32:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 0D91 3 KB
1 KB 185ms
130ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 22:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 22:27:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 0D91 18 KB
7 KB 104ms
49ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 13:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 13:45:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D91 153 KB
47 KB 171ms
116ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 0D91 23 KB
9 KB 170ms
115ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 23:50:42 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 151 KB
51 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/reactive_library_fy2021.js?bust=31071220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08ab8ac80ffa7a9594e20fa830a394fb4c0cd0ecd9886c1a6bf39c08236f8b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52387
x-xss-protection: 0
server: cafe
etag: 10963300136847153370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 141ms
52ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vchys.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 144ms
54ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vchys.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9DCA 103 KB
36 KB 430ms
430ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1670733817&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1670733817578&bpp=1&bdt=980&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ykmdvsAa68&p=http%3A//vchys.com.ua&dtd=40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2d49c918e4a892ed49c6e1b742c1c4e6c3af1ff1aa8ed5bc71371f5aef005c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36458
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 04:43:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D93 104 KB
36 KB 489ms
489ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=2732199629&adf=681586689&pi=t.aa~a.317283392~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670733817&rafmt=1&to=qs&pwprc=3519743202&format=1200x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1670733817624&bpp=1&bdt=1026&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=V2N1h57Nqt&p=http%3A//vchys.com.ua&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5c588f226524a4a9028d3ec049db4604d5443cbde21e56913d55f5bf5923573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36497
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 04:43:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D31E 22 KB
8 KB 136ms
45ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 479453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 15:32:44 GMT
expires: Tue, 05 Dec 2023 15:32:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/ Frame F3BD 10 KB
4 KB 44ms
43ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 18:19:12 GMT
etag: 10353107486223812946
expires: Sat, 24 Dec 2022 18:19:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/ Frame BA0A 10 KB
4 KB 44ms
43ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 18:19:12 GMT
etag: 10353107486223812946
expires: Sat, 24 Dec 2022 18:19:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0D91 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c1ec83b19a9a9c2648e2d7b2162c1c7cb6cbeeb9341bdc56bed0691d19f7f7d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 79EA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66dcc3803f97778013d44951dd9583f33d38299034d1bf9d461f579b126caa7f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 0D91 8 KB
4 KB 178ms
45ms Script
application/javascript 2a02:26f0:3400::170b:cea2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=28887302&sid=443002&plc=353276832&num=&adid=&advid=8650961&adsrv=1&btreg=544407160&btadsrv=doubleclick&crt=182018202&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400::170b:cea2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Dec 2022 11:39:13 GMT
Server: Microsoft-IIS/10.0
ETag: "8065f8730ad91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3315

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/ Frame B337 5 KB
2 KB 135ms
45ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a2c81932873500bc113572e5b7212e9e473b1e8c0f10499e8092a55937df050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 313382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1746
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:40:35 GMT
expires: Thu, 07 Dec 2023 13:40:35 GMT
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 400 img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=353276832;a.a=544407160;cache=2993712033;
ad.atdmt.com/i/ Frame 0D91 0
0 164ms
54ms Image
text/html 2a03:2880:f080:a:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=353276832;a.a=544407160;cache=2993712033;
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=250&slotname=7401385020&adk=3245228110&adf=3920548723&pi=t.ma~as.7401385020&w=315&fwrn=4&fwrnh=100&lmt=1670733817&rafmt=1&format=315x250&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1670733816932&bpp=27&bdt=334&idt=165&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=215&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=875299809&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=eT8vkyG01X&p=http%3A//vchys.com.ua&dtd=168
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f080:a:face:b00c:0:8c Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 css2
fonts.googleapis.com/ Frame F3BD 4 KB
636 B 143ms
54ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 03:14:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame F3BD 19 KB
8 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 19:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 19:42:02 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B3EF 624 B
242 B 54ms
54ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXz57kCEMKYjJEEGLb92NsBMAE&v=APEucNUXcTWsHVOqpcw0H3eN_nhXoZR6onium8E4N77A9Vo0PlFbcMJTg1fl-W_XpMOwHf8lNMoZwIZj5ime62bue-60eL_LlGC2596q87iD-K4L8QnPxfKikc3nxgRVQTQszx0HcjS30m4a2jzt0iqx3dxq-S4KNfhjD57Cfu7KFX68f0xHNks

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 04:43:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame F421 23 KB
9 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 23:59:14 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame F421 6 KB
2 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 23:59:14 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F421 0
0 176ms
85ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsviVKoDWe-v-iSUYEl7rz7PKj4-SQYwgPRqIpGlwHt5N6kfG5PIQhoOtTFPwNCthXCw4PpFJ5BtGkZSKlAz3VA1LhgK6OeeKLnl9iUguymPSrwIHX4Zhvm4n4n3yWTO70RAzGCCN5yFNm1h2R3t6bDXLixoxAlhBZYn4CEgTs01Ng3W3ZV-oZFRzj1vO96U7ILNDv1cRbQCwp1VXosEaRyI9EZTzYn1JPY_3PYRXe9v9WLW9rYdAbruAB2zHpCsZ0F27Vjf4Rkvb4ZHi7fT2g6FLpWUOH8ftQ9KQjMz9z-QdB_-DjT5yePLmz8jGGqqgYSZ1-Ex_95C7tQHN5JhiJUZiaDQoK4AC1xlD8lG0Q61_-QSZrWFBratceUl_oDb-FrG0JQET_QUOyP1Ti_P_3a4P2YxZdyQjsmVbge5le6Lr18JooTfpz07XkFYovlv9TD2CxEhOaQB6sdCTF_pFPhvV856JBPHvfUd_PUZI-iNceD_uBS_hVbrOa8V1ULXff2rsG8aj-YUxUq2Zuq4UCwpObstnM0y6_VHKiZwDwew602lHCJCW_LOC0-GQ3n6VqbI5RavecZ6ozsmorVoeCkOSKtW1DO_0cUZV775UfvNAM0G8DbIvFN8YIxa4b6SFsVmyqu0KFgW4ACEkTX22Dj5zI9tcdnCrlYjgav40gVJPx-yhRC2hGwo-gQ-BMc-XOx2sZK5WgmaUtjm1QtZKZXEV8ubkWNGAaHc6MvXF-vUNl4tbS6V3MetDiNRwMyVQHs93Pp7a_yVCRDaYAGCffAZjjxNqJEon01gBvh1ifOpSbu0zac-B7Bhb9z9tiDVTvUQ9hTOrZg9euFHrCKDbbJtD_a2Zg2Cb8lRD2y8JPehAmelGvtI5T8vVE3hHJGZF8Z7H6kwIjmAvZ7V-PY139u0bc-yAH0UA7bNbR-4KE1Srt_60T09Zwczs2HB-8XXDt4AXkfJcfV0fxalJ0T9NsUeuNwjeS-Owut4Bo5KkVMQWHvQs7px3Q-KM9yGC5Di3hrw6OyALapp0Dgsd4IkCA4r3L5Jp4RUwAkCD41tM-QXbbFnWpmAN0nVt60tcLkgFx6wDbdvoHgMnbGOK8TwAEVw1vuUxUKypMAGav_zLL-GzBGn_og&sai=AMfl-YRomc8b0KyffBpt-usZBjtMW6AX2OMBAXuW6d8x0gtQBQ_LGEF_u9dEkvAfvrQbW9FQxigvrbw2f0LAZf6aEFu3-luoy8C6-LUEppkxDGaz4MxkanHc2kHhL4o_jTVhSf7rmu3lhxxpKWREesXiazOcjMJuxjQ7xTCFHRStTjBUv0kL-OhquAYHAhhxrAd3E1BD7LjqrnPfPXoNlIa-IDFcU_Oz_obV5DTa8BBvQCVIzzX_PaUYfw&sig=Cg0ArKJSzCma0nFJs-AuEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221206.30684&arae=0&ftch=1&adurl=

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Dec 2022 04:43:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F421 41 KB
15 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:32:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame F421 3 KB
1 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 22:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 22:27:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame F421 18 KB
7 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 13:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 13:45:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F421 153 KB
47 KB 141ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame F421 23 KB
9 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 23:50:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F421 42 B
63 B 78ms
77ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dd00lWI9S-37KO-eV2QNygIJfFO5xuy5o898SyqjUBnjaosn1mlqWHtIwv5KWiNMnjgyvuestZKHRJgBljWKe8TQ1My1YIcKucQ-79O8cAsmSXfQk

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 9317794573668831034
s0.2mdn.net/simgad/ Frame F421 74 KB
74 KB 101ms
47ms Image
image/gif 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9317794573668831034

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e57e0515b5cbcf77a8f9df4888d5d88f4858437b4335f500166fa8891a5e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 16:22:29 GMT
x-content-type-options: nosniff
age: 303668
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75710
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 17:02:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 16:22:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 79EA 16 KB
16 KB 141ms
44ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 233037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 11:59:40 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame D31E 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 23:13:48 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B3EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPW8dIwZIsz639BdI8u9PE8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPW8dIwZIsz639BdI8u9PE8&google_cver=1&C=1

43 B
766 B

44ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPW8dIwZIsz639BdI8u9PE8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXz57kCEMKYjJEEGLb92NsBMAE&v=APEucNUXcTWsHVOqpcw0H3eN_nhXoZR6onium8E4N77A9Vo0PlFbcMJTg1fl-W_XpMOwHf8lNMoZwIZj5ime62bue-60eL_LlGC2596q87iD-K4L8QnPxfKikc3nxgRVQTQszx0HcjS30m4a2jzt0iqx3dxq-S4KNfhjD57Cfu7KFX68f0xHNks
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 04:43:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 04:43:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEPW8dIwZIsz639BdI8u9PE8&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B3EF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5Vf.jEtaJxmLMTRQ6COCwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPW8dIwZIsz639BdI8u9PE8&google_cver=1&google_hm=2

43 B
766 B

44ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPW8dIwZIsz639BdI8u9PE8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXz57kCEMKYjJEEGLb92NsBMAE&v=APEucNUXcTWsHVOqpcw0H3eN_nhXoZR6onium8E4N77A9Vo0PlFbcMJTg1fl-W_XpMOwHf8lNMoZwIZj5ime62bue-60eL_LlGC2596q87iD-K4L8QnPxfKikc3nxgRVQTQszx0HcjS30m4a2jzt0iqx3dxq-S4KNfhjD57Cfu7KFX68f0xHNks
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 04:43:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPW8dIwZIsz639BdI8u9PE8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B3EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBdtC0_VuHC_d-63AgOJhDA&google_cver=1

43 B
1020 B

133ms
45ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBdtC0_VuHC_d-63AgOJhDA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLXz57kCEMKYjJEEGLb92NsBMAE&v=APEucNUXcTWsHVOqpcw0H3eN_nhXoZR6onium8E4N77A9Vo0PlFbcMJTg1fl-W_XpMOwHf8lNMoZwIZj5ime62bue-60eL_LlGC2596q87iD-K4L8QnPxfKikc3nxgRVQTQszx0HcjS30m4a2jzt0iqx3dxq-S4KNfhjD57Cfu7KFX68f0xHNks

Protocol

HTTP/1.1

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 04:43:38 GMT
AN-X-Request-Uuid: d552b5b4-4427-44c9-bbe8-51298ea9909b
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBdtC0_VuHC_d-63AgOJhDA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3EF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ1Njg2NjkxNDExNDAzOTU1

170 B
188 B

143ms
54ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ1Njg2NjkxNDExNDAzOTU1

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 04:43:38 GMT
AN-X-Request-Uuid: eea98a22-883a-4492-9052-2c0c49c2cf2f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ1Njg2NjkxNDExNDAzOTU1
Connection: keep-alive
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F421 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 648b8d13898649b9dd354994524dce679b7dbd66d869ea64aea4ea6380c7e8a2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 08FC 22 KB
8 KB 45ms
44ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 479453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 15:32:44 GMT
expires: Tue, 05 Dec 2023 15:32:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/styles/ Frame B337 6 KB
2 KB 45ms
45ms Stylesheet
text/css 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc196f8a908960ed2108371fc671938181c14d38b87ef2eb047147d543888cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1673
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 13:20:16 GMT

GET brand.css
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/ Frame B337 0
0

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B337 60 KB
24 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H3 200 easepack_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B337 2 KB
1 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H3 200 initialLoader.min.js Show response
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/ Frame B337 4 KB
2 KB 57ms
56ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/initialLoader.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1989
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 13:40:35 GMT

GET
H3 200 fontfaceobserver.standalone.js Show response
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/ Frame B337 4 KB
2 KB 55ms
54ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/fontfaceobserver.standalone.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 00:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1674
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Dec 2023 00:17:55 GMT

GET
H3 200 custom.js Show response
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/ Frame B337 3 KB
1 KB 53ms
52ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/custom.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baa65d81f48c211672e20e98cf0d7add2ee8d6e5484155afa46a02c1a63cf606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1203
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 13:40:35 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/ Frame B337 8 KB
2 KB 53ms
52ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a7bded8a179b31d2795703f0fb8c7e7b46a8f427789d1bb11eec24dfddb4da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2256
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 13:40:35 GMT

GET
H3 200 messaging.js Show response
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/ Frame B337 3 KB
970 B 54ms
54ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/messaging.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

736fb641f5fababcf00f66eb53ef4bdff641a632bcea9a3d254b0b36e6271543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 00:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 941
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 00:54:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 6A20 23 KB
9 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 23:50:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6A20 8 KB
716 B 53ms
53ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 04:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 03:46:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 04:43:37 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 6A20 14 KB
3 KB 148ms
44ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 10:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:02:14 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 6A20 388 KB
131 KB 150ms
46ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 10:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134376
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:02:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 6A20 18 KB
7 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 13:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 13:45:20 GMT

GET
H/1.1 200
OK dv-measurements3317.js Show response
cdn.doubleverify.com/ Frame 8901 552 KB
106 KB 49ms
49ms Script
application/javascript 2a02:26f0:3400::170b:cea2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3317.js
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400::170b:cea2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Dec 2022 09:45:11 GMT
Server: Microsoft-IIS/10.0
ETag: "80ad389920ad91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108147

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 08FC 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 23:13:48 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F16 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 23:13:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9DCA 8 KB
895 B 53ms
53ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1670733817&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1670733817578&bpp=1&bdt=980&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ykmdvsAa68&p=http%3A//vchys.com.ua&dtd=40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 04:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 03:19:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 04:43:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 9DCA 2 KB
765 B 45ms
44ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 18:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 18:25:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 9DCA 23 KB
9 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 23:50:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 9DCA 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 22:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 22:27:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 9DCA 18 KB
7 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 13:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 13:45:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9DCA 0
0 52ms
51ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDPspzis9145Rx5m29UxEY-rxGSqkYPlAoMgNhMBS8X_Dh0lZ-5ubZxv6ZgpPnw7YsAfM_0vHZWouPxAcIJL-9HtZjfg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1670733817&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1670733817578&bpp=1&bdt=980&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ykmdvsAa68&p=http%3A//vchys.com.ua&dtd=40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9DCA 153 KB
47 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 04:43:38 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 9DCA 34 KB
14 KB 136ms
44ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:34:40 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F421 0
0 82ms
82ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsviVKoDWe-v-iSUYEl7rz7PKj4-SQYwgPRqIpGlwHt5N6kfG5PIQhoOtTFPwNCthXCw4PpFJ5BtGkZSKlAz3VA1LhgK6OeeKLnl9iUguymPSrwIHX4Zhvm4n4n3yWTO70RAzGCCN5yFNm1h2R3t6bDXLixoxAlhBZYn4CEgTs01Ng3W3ZV-oZFRzj1vO96U7ILNDv1cRbQCwp1VXosEaRyI9EZTzYn1JPY_3PYRXe9v9WLW9rYdAbruAB2zHpCsZ0F27Vjf4Rkvb4ZHi7fT2g6FLpWUOH8ftQ9KQjMz9z-QdB_-DjT5yePLmz8jGGqqgYSZ1-Ex_95C7tQHN5JhiJUZiaDQoK4AC1xlD8lG0Q61_-QSZrWFBratceUl_oDb-FrG0JQET_QUOyP1Ti_P_3a4P2YxZdyQjsmVbge5le6Lr18JooTfpz07XkFYovlv9TD2CxEhOaQB6sdCTF_pFPhvV856JBPHvfUd_PUZI-iNceD_uBS_hVbrOa8V1ULXff2rsG8aj-YUxUq2Zuq4UCwpObstnM0y6_VHKiZwDwew602lHCJCW_LOC0-GQ3n6VqbI5RavecZ6ozsmorVoeCkOSKtW1DO_0cUZV775UfvNAM0G8DbIvFN8YIxa4b6SFsVmyqu0KFgW4ACEkTX22Dj5zI9tcdnCrlYjgav40gVJPx-yhRC2hGwo-gQ-BMc-XOx2sZK5WgmaUtjm1QtZKZXEV8ubkWNGAaHc6MvXF-vUNl4tbS6V3MetDiNRwMyVQHs93Pp7a_yVCRDaYAGCffAZjjxNqJEon01gBvh1ifOpSbu0zac-B7Bhb9z9tiDVTvUQ9hTOrZg9euFHrCKDbbJtD_a2Zg2Cb8lRD2y8JPehAmelGvtI5T8vVE3hHJGZF8Z7H6kwIjmAvZ7V-PY139u0bc-yAH0UA7bNbR-4KE1Srt_60T09Zwczs2HB-8XXDt4AXkfJcfV0fxalJ0T9NsUeuNwjeS-Owut4Bo5KkVMQWHvQs7px3Q-KM9yGC5Di3hrw6OyALapp0Dgsd4IkCA4r3L5Jp4RUwAkCD41tM-QXbbFnWpmAN0nVt60tcLkgFx6wDbdvoHgMnbGOK8TwAEVw1vuUxUKypMAGav_zLL-GzBGn_og&sai=AMfl-YRomc8b0KyffBpt-usZBjtMW6AX2OMBAXuW6d8x0gtQBQ_LGEF_u9dEkvAfvrQbW9FQxigvrbw2f0LAZf6aEFu3-luoy8C6-LUEppkxDGaz4MxkanHc2kHhL4o_jTVhSf7rmu3lhxxpKWREesXiazOcjMJuxjQ7xTCFHRStTjBUv0kL-OhquAYHAhhxrAd3E1BD7LjqrnPfPXoNlIa-IDFcU_Oz_obV5DTa8BBvQCVIzzX_PaUYfw&sig=Cg0ArKJSzCma0nFJs-AuEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=234&vt=11&dtpt=233&dett=2&cstd=0&cisv=r20221206.30684&arae=0&ftch=1&adurl=

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Dec 2022 04:43:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9DCA 0
0 88ms
88ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CujCS-V-VY4eTKNn87_UPmuCnmAe14bOObcDX6IXQEOvUuMzUARABIIPpnjdgu4aAgNAKoAH96r6CKcgBCakCfsZpqg2RtD6oAwHIA8sEqgTNAU_Q4oXX-sId7m-iO54bvNfMMqXp4g279Pj48cBn255Q2gmadLYi3o8IJ5atxtd3JvAsu_FVu3uJ0coGixWpX4PvaSgisSB-nYB-lIi2cmiTQsdP8vctBz0kF3MmfCxBEdlMsw9Acw843KH-k35Qn_uouUWlntqMCMYqQsILqqC6ZwEvye0N9ZLiRtLPXm2R-7mP1KIe6gbLbx_86WJoX752th2n7OWHJbSiaMH7Z8Wfaj52aqCumH-EsP5ox91cAXdz8EMRiPAvyhEkBUrABIbKiJaPBJIFBAgEGAGSBQQIBRgEoAYugAf9oo_iA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENWrDNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTIzODMxMjczMzk5MzAzNTYYAA&sigh=AYXUMN-MAjU&uach_m=[UACH]&cid=CAQSOwDq26N9lnMoTIOOYjedjXD0NFvWVYPxbm7pjsLAJBIPRb2uLvXI5Uc_a_b5BAu5KtofNselm3EXwDXcGAEgEw&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1670733817&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1670733817578&bpp=1&bdt=980&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ykmdvsAa68&p=http%3A//vchys.com.ua&dtd=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Dec 2022 04:43:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D31E 0
20 B 82ms
81ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Byk2R-V-VY5PvC8G5lQeO95ywBwAAAAA4AeAEAg&bg=!BgWlBUHNAAYgquz3AKo7ACkAdvg8WoVCKLNrBo_DL--gGVZE3_x5vQTP4U7Gw5BThcmZwec2KWff-wIAAAB9UgAAAAJoAQcKAGXouu62ZTLZPe8R8uYtjw2lqOou6CxDiRDIcYe7g78rDy1qz0_qA-b226qT1E3XE6Wbv5GYT-YBJDUp4xs8-DHW5H4tkmPJ5SfIc-xQQx597eTmOenGpvKFN2kQ1scsrQufvvwo45kC3T7h4Qf31HVfC3OEt7YKLMpV5jIZGjJQ2V5mcLYaPV2b9ZiIHQFo5Y5aclPGdMhzyTikSThb8mEbLrrcX8ldNboksnGt_pXhLjiseKEig-txOJHt7of_8AVxohD3i7nj6OYf-LGP2WU0rUo_fE4cFMAHtYDcXs_HZPwEQl-Hg08ygZPsy3xA6XBWtdCtkx7u0VMtWV2JRu_-j54DvBUhcAy3A-uowqQGpswHMaJw-9LU1IUMLh6wRSao_z6hjx0oRSijwAWZ-6PPoEQiBhkcB-A1DRFCqL__FC6olMYGP_SK-ce3myQH5dg6RD7AYKalrk0BBApbXLPtwrwPLRFLHEp1YE8QhEq8DgjJQTxwlJJmzGwawkBuYQy9Ke3kMWLcJ1nbjCo4nDE9ZvGSK3Zawj8VCoGIaSZF_yTDyKcXuW3F3y_BGtx4UAqpYCormD7xWv5IBJua04YE8ms30JkG3E9fVoG0xSIVKV5k6kA2UPGgwRrrfipT6Ppxb8kdfMa7hKDvdQbb5zbX91KCYasT4J2OWXlqzNn-aq5XRwBYd0N2jHgxGyYWfd1TowBm5ZAZVsn7wQThxaTbidDDRXvEXlREysNjKaa3OJv3kt4lNMgDbcab7fw-K2Fi2--aYL5HrzVnZrvVokOqSYD5L6U5QjSTDY_8NbXf1T4ZMfXwb8z0WIoyoY59pegbGEhSkvdEwiCzQzl_toeiMQQSoMMUM3VZEyYDuIhEmA6dybx4SUSDCt2acLy5zqaRDlQVBHa35HflGby0sN52B4qVmu6Tkn4zo-wTzygTtuk0HTXfxjzBgbIQWy9zNlfZDr8diqgcYnV0izgOa2nSt6WwN8uv4sU7oYzvQi0kpL_dnCuYXBVevNUd07l8sLMAhj6NcwLUpzslOyNHkUAzmug6gm0x8Ic0Fs8J30pRg1IOrVOTBjf9O8pQ9Z2mwe9JMnc0WTeUYfxj1x4q7P3xqrzqP-g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12727132106379335442/ Frame 9DCA 78 KB
78 KB 45ms
45ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12727132106379335442/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f60910a38fcb438b5460bda5991494c4ff8e516ac29aebafb9d299df2b629f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 12:10:34 GMT
x-content-type-options: nosniff
age: 145984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79997
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 07:44:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 12:10:34 GMT

GET
DATA 200
OK truncated
/ Frame 9DCA 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9DCA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 2D93 8 KB
895 B 56ms
55ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=2732199629&adf=681586689&pi=t.aa~a.317283392~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670733817&rafmt=1&to=qs&pwprc=3519743202&format=1200x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1670733817624&bpp=1&bdt=1026&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=V2N1h57Nqt&p=http%3A//vchys.com.ua&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Dec 2022 04:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 03:17:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Dec 2022 04:43:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 2D93 2 KB
765 B 45ms
44ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 18:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 18:25:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 2D93 23 KB
9 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 23:50:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 2D93 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 22:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 22:27:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 2D93 18 KB
7 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 13:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Dec 2022 13:45:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2D93 0
0 52ms
51ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlel7yCJmhKv8pwd3cs5B7ksSIOyVfp0puqX4iwzdLHv9xoejMnJi9RhM8b43rd3qNP2KEL6ibAWLRHYas1J2XPCMgoA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=2732199629&adf=681586689&pi=t.aa~a.317283392~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670733817&rafmt=1&to=qs&pwprc=3519743202&format=1200x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1670733817624&bpp=1&bdt=1026&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=V2N1h57Nqt&p=http%3A//vchys.com.ua&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D93 153 KB
47 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 04:43:38 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 2D93 34 KB
14 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:34:40 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 8901 978 B
846 B 303ms
52ms Script
text/javascript 213.254.244.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=183&ttfrms=27&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauG49JD%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEATbpTauTauG49JD%5D4%40%3E%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=296&ddur=179&uid=1670733818193379&jsCallback=dvCallback_1670733818193169&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3317&tgjsver=3317&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2383127339930356%26output%3Dhtml%26h%3D250%26slotname%3D7401385020%26adk%3D3245228110%26adf%3D3920548723%26pi%3Dt.ma~as.7401385020%26w%3D315%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1670733817%26rafmt%3D1%26format%3D315x250%26url%3Dhttp%253A%252F%252Fvchys.com.ua%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1670733816932%26bpp%3D27%26bdt%3D334%26idt%3D165%26shv%3Dr20221206%26mjsv%3Dm202212060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D2016954796024%26frm%3D20%26pv%3D1%26ga_vid%3D735365293.1670733817%26ga_sid%3D1670733817%26ga_hid%3D904583191%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D215%26ady%3D396%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31071200%252C31071220%26oid%3D2%26pvsid%3D3702664462101001%26tmod%3D875299809%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DeT8vkyG01X%26p%3Dhttp%253A%2F%2Fvchys.com.ua%26dtd%3D168&fcifrms=8&brh=2&sdf=2&dvp_epl=230&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=28887302&sid=443002&plc=353276832&crt=182018202&btreg=544407160&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=141619800649.3322&dvp_tukv=31146264.378823854&dvp_uuid=1719902373.328093&dvp_strhd=0.5999994277954102&dvpx_strhd=0.5999994277954102&dvp_tuid=1170107264639&jurtd=601337123
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3317.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 55661bab37ea39b78f435124e89f3ce2901d2ad2548c7016ae89c2d14efb208c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 04:43:38 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 12/10/2022 04:43:38

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2D93 0
0 90ms
90ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2F1Y-V-VY-23KsW5lQef2bX4AbXhs45twNfohdAQ69S4zNQBEAEgg-meN2C7hoCA0AqgAf3qvoIpyAEJqQJ-xmmqDZG0PqgDAcgDywSqBM4BT9BmHotVYNE0B1ZeJHNmiWAP49YeDnsWWImEsz3o6duXgGLB9i63x07mVnKFTW_B4238Zz8iSBE5xdWvjsRz7_QnFtCSSusf29t_YRD5lp7Axb_jMiol_43E_xRW7JwZzYbAXsz6v1ec8ufNk9FTGHjWk0ZpTFKbuFFmbtrSBWZ4OO62XHZaxL51bfsE2GSRrppVBoN2SOKG3tt8CK43gwj2xIhcXb4jyV1JraEnH4CyEw1CZGqWqPkD_Sol8HSf4POEhNv1aH8UdGNWAmbABIbKiJaPBJIFBAgEGAGSBQQIBRgEoAYugAf9oo_iA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEISSFdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTIzODMxMjczMzk5MzAzNTYYAA&sigh=3--J-OD4kws&uach_m=[UACH]&cid=CAQSOwDq26N93rBKeTaNy67foQyZEmVNWuQfybU1nDkWDC34al1620TJ_21AmmTqvH3zUtBytO69PeYpmOKCGAEgEw&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=2732199629&adf=681586689&pi=t.aa~a.317283392~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670733817&rafmt=1&to=qs&pwprc=3519743202&format=1200x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1670733817624&bpp=1&bdt=1026&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=V2N1h57Nqt&p=http%3A//vchys.com.ua&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Dec 2022 04:43:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12727132106379335442/ Frame 2D93 78 KB
78 KB 45ms
44ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12727132106379335442/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f60910a38fcb438b5460bda5991494c4ff8e516ac29aebafb9d299df2b629f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 12:10:34 GMT
x-content-type-options: nosniff
age: 145984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79997
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 07:44:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 12:10:34 GMT

GET
DATA 200
OK truncated
/ Frame 2D93 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2D93 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 933C 1 KB
643 B 47ms
45ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 69199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Sun, 11 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9DCA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca494a98201b7950c5bd649ffedc27d373f5e5b33033815775b22ed5ae224099

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 6A20 0
327 B 851ms
292ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lbivs0pq&c=5683280468762&slotId=2841640234381&qqid=CN-0wb3g8PsCFbGK_QcdFDUByA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A20 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=COC7J-V-VY5_UDLGV9u8PlOqEwAyesKqba4n2-4ekEJ64iLaDAxABIIPpnjdgu4aAgNAKoAG5986-KMgBBakCfsZpqg2RtD6oAwHIA5sEqgTkAU_QQPtbL-63lHGof9aM4FP0lkbXGAQ4MMvft1VJ7qIv3YPesBys2zjgmuFCnuP5VqwTh2LSsAdDjjzDkO54t1qm9T5HWiT1KflNQEXTsHLX_-Ngmw3SfkgS2zNGbpwfoJsNgiZqPRhNr4EN0GlUSOx1Rw1DZbrgSN5b4gBx4l_Z6UoB_6Xp9hqZ4cLVlj-oTRYAu4s4a-jf749AhVcM1gWW3VGGfGnCkqXl1xGlSM9pGKUbTWeY32E-UjQf3IOBf8WirZzplNntUvi_0GkI5b0ox1xtqIlbIyaswTN4Iav-2b1mCcAE9K68maUE4AQDkAYBoAZ2gAe5r5-eA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATgsPwD9ATANgTCogUBtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1670733818277&ai=COC7J-V-VY5_UDLGV9u8PlOqEwAyesKqba4n2-4ekEJ64iLaDAxABIIPpnjdgu4aAgNAKoAG5986-KMgBBakCfsZpqg2RtD6oAwHIA5sEqgTkAU_QQPtbL-63lHGof9aM4FP0lkbXGAQ4MMvft1VJ7qIv3YPesBys2zjgmuFCnuP5VqwTh2LSsAdDjjzDkO54t1qm9T5HWiT1KflNQEXTsHLX_-Ngmw3SfkgS2zNGbpwfoJsNgiZqPRhNr4EN0GlUSOx1Rw1DZbrgSN5b4gBx4l_Z6UoB_6Xp9hqZ4cLVlj-oTRYAu4s4a-jf749AhVcM1gWW3VGGfGnCkqXl1xGlSM9pGKUbTWeY32E-UjQf3IOBf8WirZzplNntUvi_0GkI5b0ox1xtqIlbIyaswTN4Iav-2b1mCcAE9K68maUE4AQDkAYBoAZ2gAe5r5-eA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATgsPwD9ATANgTCogUBtgUAdAVAfgWAYAXAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 6A20 27 KB
16 KB 170ms
70ms XHR
text/xml 66.102.1.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AlAaJ4HoKj-l1LMB3urJV20vI5alIgwK9UgMfAmVNhTlzxO4BzD0QF05OhvkoU0wTFqme8RbXi0unPHUCGqUtBqP3KMw&cry=1&dbm_d=AKAmf-BPb1HB7mQ5d1EgI2lCuIqrCdARs-Y4oacdwpY-5ypPoRfja40BFCFdtmZy8Pna_Np53a06_ijyVlGenOOZsCgmxOZqByFopUU5M4kA0MKjLCpm3f-7xjNJqA_h4wOVA3Et_Uo1epXFZ2Kelcg-OwZjVgRZ9tg_pHYCfk2z1qu-fa-_Ub1kFTE1hJotfrWxnLb3vTXmgcC4XsTk4UonadzVTNt3iHJRwFEYz1Jbp6THHOhCvZbIw3cq1euVYhwB-zHywHLUDMOtL2OEnO6Yz5QW2OapGcPUguqjm7M4w5NHrCgSZ3arIszbP96B7ebpGmh2elzA2CkRLLooOwdfEPPO5XT2J2e4sqIos6E3ZrdKb6Mw5SVZOm92Wu43NTxvJo4BAa76VKo4BOr20LrJLLuwi9MsZNt9DrKt34y4N0xsLae_Vs2Dun3SDrzRkaC6Lt1GqPUcXbM2AitUFFwwijrMC0caQyBkyEmPW59Vo8TYeNebPGK3X4O9xtXbJGh2wNg-fQitjHiM12leAsiju1rsKyaOC2yZI21cYo95qKOMltgX1ZHLxJ9XKJDtPTawm_w4u0yekcTnGfllKMYJicT3vYUZJOzvFpycMIS_czFrU6tba8IBPHusE5xuzNkzUBj_bT4xy0Laxrf473mMjOdnIh-Pui1ojuRU5Zu7fh2uu0bPB1REyhCl8-OxKqTwJdFpuXsfJyBkvVSD_3tPVGNTn_D2QlGmU8bmIVIDAqjsf1YKONQeciTh2R5xd07hwOwwmr2l0buIX6Kt3ft-CCD-2QBtMf-0louF6tDJgzv1h2E2jqIxp8m_w42z4beEqZ3hEhDZv62bXxCzWVYRkaISyig52ei9fA3DTjNBgvKxOZn4ZkNo1GeaDu7-yd58sKtESj8MUm9pGGdxoX_Z5pVtxxzdcs1j2zl6tLNAwlRxvvEjHIdCmZq-Ts9xxY1oSSeoz2KD48kYN7uvaxIvk0rAJ4DW39gSUdFEJKw5Gh594e_SALjAiqcDI3Ir8XVC9aG71Bq_6z4bmHbv7ytVj0CX1hSbhU9ht-fqllNChkrzFyMBQnfvGcTE8huDgAiAmLUUJ1HMMdbla3nYaWOmn5lCnhkGHaKi46CESLf9l1ZUaTKYQWwMON7n8Ofoi1t8uVo6kgyBECVUZERU0POger7dMJuEt0gKxePKv2GZ7iIUKSJ7LqwgEILoW7KDCBRHJD6MC-63t05Whp24psC4mru4go2aBzsuK8RTKPXFPGyp5AzvniINsiEjxupOXaC_1bV25wV9H4LU0qDOU8n9eCvCmO4s3-5D5WDI_gHw892lqELrN7zPQh4s2DDlMYuVXEAdbGyLkzlPTe3Zukkn21j3YJpBfFdthuZ6Mp-uknpNl1457dJl6UmwmQQm4mFhBj0egsZ9qbWw-8Cz-BmC7co2UfyKHoZZ2M_I0PYOa7fTdvLbsifnkTQHnsIJ4ud3-hhPK5XcRxKBZgHSqqHIw-tinyAsLY-OXlE-q946hqW1knM-ovU-LlHJI1QVHv_DoAkv97d9o4fodR_Jf3ee99vQMqZTQCAWTj1CSNr7_fGNSRiy_ybLzk3nDDnpPfORv64NB8dQebguNl_u2h_mtj9mcqbhHRsNdis3aHyGn0QY8x_n2RMQ-GOuLvqFsPrWRDrtWlZLXmzMHqfhzFvknWmH4sGcvS-v19lUoS_c7EjIFv0nxGQGPK_-4LwlyyjzWaog6H-_9aCTiX-4Bncc70dRm33ZrKInoyWenbmQNnLm9XMp7ndZ3lSQ5Y6CVdBD_p5j5GBNpGEdbs7NAzsf4b3bJxr5vHsme998yMtHMluv__yASQJ7_oHMhACBi3gxdMaJGTcCoJh9lIvelaZn0nmtigNRwk3UKuJPmT9z3cOFO7DxM6S8IkT_j5JTpsEa3zoVy4jgGcX6D8Bb4rasy1umTubGz6T8VyqqLNAbtPnNgPvoAF7ECUP81HtxZs0WtBxorTgJZiR8yTSl6N2qkFBp9SLCGk4diuReGnoC1zbDNTZh-nnxrpKiRogmusyYYCHWMPrgK8Em8HRzfE0hmCV3gdyaZb6_FYVavfCiMwx2FLV3GEHn3cN8GNZxhL6ELQT096MsrL1935l5_ecj5xtSNJdiYNpT34IUXfeV5uh0N0KjGDkSmYZtiVNFKXYsMVWerzm9uGGwxNFuwudIBPq43GziFxXAzRvI8-7bMLC8Ep6rP_Ulh7ef3NbFZCp7KQDtCP3DLD1gN1Ols0jSN9oHc69SDFvDvhWOZU6hfy7eY1WSKrrypfUo3EWxNcmxNuyY05Mxkyt-VHYjjcCFf7AytuD2WOsEaOUzkA6vd_jsQWOfP8qSZbzWsqISQNDj_CStO2bTLOAJZLQEsPuzqbttBVtqiGefCwfbyQgTq8oJjpDuoR_Z5s_4aSbvV0G9RRC8bbjVRfUO1VLyFeWEXP-6xv4eg6QOma0EgHvE1kpn2Mj1ZvRfiIFc7FwbjtJWDCMmuFf2sRr5LbvxlofFZPB8UtVKQ0wNHbryerdCSTZhjhtXO-wXNOnGfEN2W7Hw-7TXvJclrownbJmaB3aBatb-ga_YMgfCyXmiyJQEGDRxqyy0wZu77NP5BZRIBCglOh2VYfSaknGNLplFHnklcCkLQGosjTWCPG9IlzFJTGEfU4qDo4hta1_PWuKa-QIcQxsStCMTKT8tC2ZBBWIdWl_1XNibZ2fauKcyP1rtadLExDgxdk__H7PmVfayh5o9tU-zThlBRphrbi_2qrxdraORMtzYGqiFffUP18hn-xhNbhk-Ixyz92QfGQMJ2btA07_ZTscHyHh7cirJ1TZsRmpCHYhCuyJou48BD1L1958XayTvnNl_2qbXaCgDsQp14pogTksxTjaDUWgVRrSzKhRfVb3kFFcjxXUe776aLxoGO2PaP_hv0hdcD8_HahlluqUlIehgwvx3B3OZTycFK83B0pbPvB0OMq7rayy-mXoAUs1Q093Fo_qyc_OLoSdHA3jQ4gp036mgS0Cg5XLO8rRVMnjZQp4zt5zoNo3Vj0HB1xm2pR6w3B-LALUdAvMk1Vn2AunbM07Tq7uF6wvf0rumr5ErAJe3LgImrZ0c-9Bgr3A87BSBrEAwLIP4n59lBgYHCNuaojggnipxy2t8CgocaArJGCu3Uz6FSvQBgVeaHzcyYVAONGVZjCajs90V5EMJbnSIv0fR72i42fRrvuViv-gFFZf1CNuJXW16iy7vzE3DUEy1qL1e5Vt7wUnqVX_bffPDMlFOvW1tBoqoi9HFze1vGSxPOF_lWjLOTsztSCOMPbEMjQ7JlStwnAWRaEaaiYZ3hnYgAMiU8yVH4tqTmoUjOXSC0JUbLzM1qz-zWnsxov6FOoyaEoznaTlBFwlaeo8oI2pZ8IZ98Uy9X8f8IFvqNyLKOAjVgoxvKarABSbVWzol29jcGhFFiIiLjGQbLk0ARnTSV1p3zmXorCnt4aZ7Reqob4QTrvE23ImT60SmzAyHe_gEj1F_0pojbXYLMJ5OGdazQbNMGTKLU2hclpAa6I3aOBw90A_GD5MtvP8GfrZglHeJ9QxRXmeS8q3f_shZLpBKMxY9ri-5cERP6kpuIA&cid=CAQSGwDq26N9npVgTzxEV4SO_Ma0FsxMJEHviTAxPxgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f154.1e100.net

Software

cafe /

Resource Hash

777ec012383b9e1abb2a0c13dc3d67f832ede7261b7479b9c2f669c26c1c3548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15815
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3B1A 1 KB
643 B 46ms
45ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 69199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Sun, 11 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2D93 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 864115f93054093e973a577effacab8fef3303a62f9ebbd3a09008f680b5df73

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9DCA 28 KB
28 KB 135ms
45ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 198477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 21:35:41 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 933C 0
104 B 265ms
73ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENzF2zp2nBALpkCh_fneF0o&google_cver=1&google_push=ASkJ3FYV5jhnzTi_TQoh0Dx91lMWhXVKW1ohQYBZgKMB_6sim_RLkBE3AzbsavMNQabB-MVxA4kM4nq2y_9MQdKo5BpwKkcFJa3v3jCo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1670733817&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1670733817578&bpp=1&bdt=980&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ykmdvsAa68&p=http%3A//vchys.com.ua&dtd=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 933C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDQb5hMegu9DQcv-YRXwH98&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDQb5hMegu9DQcv-YRXwH98&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0o4NWZhME0xUDRlYkU1&google_gid=CAESEDQb5hMegu9DQcv-YRXwH98&google_cver=1&google_push=ASkJ3FbbleJT4ojQZ3-hPgiofSZ-UxSWkHhYUoGg3P47sWe...

170 B
188 B

54ms
54ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0o4NWZhME0xUDRlYkU1&google_gid=CAESEDQb5hMegu9DQcv-YRXwH98&google_cver=1&google_push=ASkJ3FbbleJT4ojQZ3-hPgiofSZ-UxSWkHhYUoGg3P47sWewVyOEE8ZxzaPiaBzf2sf8D-OnsNxrp7pD5NsRNuoZmikN7EQ8EUXXgiEH

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 04:43:38 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0c6774dcbd8510e59@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0o4NWZhME0xUDRlYkU1&google_gid=CAESEDQb5hMegu9DQcv-YRXwH98&google_cver=1&google_push=ASkJ3FbbleJT4ojQZ3-hPgiofSZ-UxSWkHhYUoGg3P47sWewVyOEE8ZxzaPiaBzf2sf8D-OnsNxrp7pD5NsRNuoZmikN7EQ8EUXXgiEH
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 933C 70 B
265 B 139ms
43ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECdnjIzgD8NbQ-AZSajGSRs&google_cver=1&google_push=ASkJ3FY7hDtkIH6rdBHU0bPLIt0rOcOqrEssklr3BmNJe5ic3XAyjisqkG2aSalepfy8B_4KBrBHpnX6wuVdHS4PgmO8-Sa67NcXCHg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1670733817&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1670733817578&bpp=1&bdt=980&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ykmdvsAa68&p=http%3A//vchys.com.ua&dtd=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 933C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEwEV5lunSptODSpT_Dj2dM&google_cver=1&google_push=ASkJ3FbEPNrHaSjE78K6WIEIzeAgmZDxP0D2oJt0z7DxEIORuN8mOkMXz-uw76OSB3nu0XmsHWTH-N_kkw_w0Rv8Qlj3...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEwEV5lunSptODSpT_Dj2dM&google_cver=1&google_push=ASkJ3FbEPNrHaSjE78K6WIEIzeAgmZDxP0D2oJt0z7DxEIORuN8mOkMXz-uw76OSB3nu0XmsHWTH-N_kkw_w0R...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=6a891f8e-074c-464a-87b2-5e3e78b1e5c8
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=6a891f8e-074c-464a-87b2-5e3e78b1e5c8
https://x.bidswitch.net/sync?dsp_id=4&user_id=d6816471-faa6-460d-84f5-85a6437745bf&ssp=google&expires=30&user_group=5&bsw_param=6a891f8e-074c-464a-87b2-5e3e78b1e5c8
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbEPNrHaSjE78K6WIEIzeAgmZDxP0D2oJt0z7DxEIORuN8mOkMXz-uw76OSB3nu0XmsHWTH-N_kkw_w0Rv8Qlj3UpxlrWOuSCE&google_hm=aokfjgdMRkqHsl4-eLHl...

170 B
188 B

54ms
54ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbEPNrHaSjE78K6WIEIzeAgmZDxP0D2oJt0z7DxEIORuN8mOkMXz-uw76OSB3nu0XmsHWTH-N_kkw_w0Rv8Qlj3UpxlrWOuSCE&google_hm=aokfjgdMRkqHsl4-eLHlyA==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbEPNrHaSjE78K6WIEIzeAgmZDxP0D2oJt0z7DxEIORuN8mOkMXz-uw76OSB3nu0XmsHWTH-N_kkw_w0Rv8Qlj3UpxlrWOuSCE&google_hm=aokfjgdMRkqHsl4-eLHlyA==
date: Sun, 11 Dec 2022 04:43:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 933C 43 B
351 B 130ms
37ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPAZrHs1cW2Hsk3ZFe7jTx4&google_cver=1&google_push=ASkJ3FZHFv5yAMkofPg-oQwCnP5WFUhBka_pRhxg0xkan0wX5AQvYau2xD2n76a0-mhGrTLinmaiGCJe7D_qB4y-7pBFGHbd2Due38g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=252850466&adf=2859928939&pi=t.aa~a.2873955903~i.4~rp.4&w=760&fwrn=4&fwrnh=100&lmt=1670733817&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3519743202&ad_type=text_image&format=760x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rh=190&rw=760&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1670733817578&bpp=1&bdt=980&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250&nras=2&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=585&ady=2422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ykmdvsAa68&p=http%3A//vchys.com.ua&dtd=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: b8esiemql6lal4lq1nl4l3sq03442b9m

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 933C
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEiAWVNyrFDmp5I38G4II4Y&google_cver=1&google_push=ASkJ3FY1-EgxIZRa_18L0Ojx2AuroB0OhPCvkaWfb6klRuGIyltYtPCy-t1YD-GtotTPgkr0l-hZALVmjfjskQR3...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FY1-EgxIZRa_18L0Ojx2AuroB0OhPCvkaWfb6klRuGIyltYtPCy-t1YD-GtotTPgkr0l-hZALVmjfjskQR3IFFJO-1AQoWGkvR7

170 B
188 B

54ms
54ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FY1-EgxIZRa_18L0Ojx2AuroB0OhPCvkaWfb6klRuGIyltYtPCy-t1YD-GtotTPgkr0l-hZALVmjfjskQR3IFFJO-1AQoWGkvR7

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 11 Dec 2022 04:43:38 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FY1-EgxIZRa_18L0Ojx2AuroB0OhPCvkaWfb6klRuGIyltYtPCy-t1YD-GtotTPgkr0l-hZALVmjfjskQR3IFFJO-1AQoWGkvR7
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: WNJeXZ0pRLmo5IhBLfAajlkp6WZgSqeLZ-33gRzvNvORqM5GkRFdUg==

GET
H2

200

report
sync.teads.tv/um/ Frame 933C
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDzMW4jd_n-Xf1cIf4AkODA&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FaoFOdhcRA1GtB2rN1KmTLZAUCLcpkGiGyOTi-1idBsqqK6udRpbfSlRsqWEsBawvth0zUle_rrLUhPzYYZ0WpZZOVmEUhCb0DNdA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

75ms
75ms

Image
image/gif

23.3.109.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.3.109.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-109-122.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sun, 11 Dec 2022 04:43:38 GMT
pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 933C 0
12 B 53ms
51ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JkJ11GCIwqf3yrdOAqZizRXfcxN7saxMgzB1p2Wy5tVhGSG7uzLWrrqq3sncXLJc1yyYMV-g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 2D93 28 KB
28 KB 108ms
47ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 198477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 21:35:41 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3B1A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL6Ves8BBsMpM6586wXmsu0&google_cver=1&google_push=ASkJ3FZCssj5VW9p1q0to47DEpHkszDNElijGWK25VvoOj1yc3OxP4hWyMuJxBT0TDFGNw2rH21TSJbXaYR6Q94agO85WGoiv0xsfq4
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE1NTM4MjczOTUyNjQ5MjcxMg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3o-b5jjFs8qsBJqwEYmxk&google_cver=1

43 B
398 B

170ms
38ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3o-b5jjFs8qsBJqwEYmxk&google_cver=1
Requested by: Host: vchys.com.ua
URL: http://vchys.com.ua/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK3o-b5jjFs8qsBJqwEYmxk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B1A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELr3pwSHzxXXv4oLR2gnqn8&google_cver=1&google_push=ASkJ3FawXJMma9Dl_cAwK9AuXZrJB6nH-x--Wn9itVIC0kIe2SvQPeGlk5JOcEnI9SkiTxLfBBl91cBb20x6s6OT...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FawXJMma9Dl_cAwK9AuXZrJB6nH-x--Wn9itVIC0kIe2SvQPeGlk5JOcEnI9SkiTxLfBBl91cBb20x6s6OTni0uJUmjpepsLg

170 B
188 B

56ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FawXJMma9Dl_cAwK9AuXZrJB6nH-x--Wn9itVIC0kIe2SvQPeGlk5JOcEnI9SkiTxLfBBl91cBb20x6s6OTni0uJUmjpepsLg

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 11 Dec 2022 04:43:39 GMT
Server: MT3 180 1fd3e2d master hkg-pixel-x27 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FawXJMma9Dl_cAwK9AuXZrJB6nH-x--Wn9itVIC0kIe2SvQPeGlk5JOcEnI9SkiTxLfBBl91cBb20x6s6OTni0uJUmjpepsLg
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 11 Dec 2022 04:43:38 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3B1A 0
191 B 179ms
54ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEE3DtL9AirrAdGkxQct7IDo&google_cver=1&google_push=ASkJ3FaHPUF8dCSP7YFygTrSE7PhuqoVGqqB7lYceErwxq5vWi2Oj2l5Y5WUvAbEPh0hZPqqkjY-UN3zPUs8CXlUi_-YTs5RTTj2C8E
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=2732199629&adf=681586689&pi=t.aa~a.317283392~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670733817&rafmt=1&to=qs&pwprc=3519743202&format=1200x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1670733817624&bpp=1&bdt=1026&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=V2N1h57Nqt&p=http%3A//vchys.com.ua&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 11 Dec 2022 04:43:37 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3B1A 0
174 B 124ms
43ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEME3BqlsigQtdp-UjAyiPaw&google_cver=1&google_push=ASkJ3FaAHj0-5Kfl42Qv0lC7rmXJylMrTAhYTpnlfC7Z5XhOi4PEAu9wEUHbcQWyWbLbhLm0Z9a6HJBB5EBB2lP93pPoblunw7s-cg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2383127339930356&output=html&h=280&adk=2732199629&adf=681586689&pi=t.aa~a.317283392~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1670733817&rafmt=1&to=qs&pwprc=3519743202&format=1200x280&url=http%3A%2F%2Fvchys.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1670733817624&bpp=1&bdt=1026&idt=1&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea1ae050a956ea9-2229523addd90006%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g&gpic=UID%3D000008cfe549fe30%3AT%3D1670733817%3ART%3D1670733817%3AS%3DALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg&prev_fmts=0x0%2C728x90%2C315x250%2C760x280&nras=3&correlator=2016954796024&frm=20&pv=1&ga_vid=735365293.1670733817&ga_sid=1670733817&ga_hid=904583191&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071200%2C31071220&oid=2&pvsid=3702664462101001&tmod=950068177&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=V2N1h57Nqt&p=http%3A//vchys.com.ua&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B1A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN69VfCxovOqPLaZC-pytv8&google_cver=1&google_push=ASkJ3FZPi_4jHqjkxuUAhsgMvlpwXee4vQdg9gjmdiQ_QkIWxGu2vzHypdUKxz3m0fuujVMQZhHUXBiPqzFbfq...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NTc0NzEwODYzOTQwNjIyMg%3D%3D&google_push=ASkJ3FZPi_4jHqjkxuUAhsgMvlpwXee4vQdg9gjmdiQ_QkIWxGu2vzHypdUKxz3m0fuujVMQZhHUXBiPqzFbfqrTON...

170 B
188 B

55ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NTc0NzEwODYzOTQwNjIyMg%3D%3D&google_push=ASkJ3FZPi_4jHqjkxuUAhsgMvlpwXee4vQdg9gjmdiQ_QkIWxGu2vzHypdUKxz3m0fuujVMQZhHUXBiPqzFbfqrTONlhe7-FYJGMMg

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NTc0NzEwODYzOTQwNjIyMg%3D%3D&google_push=ASkJ3FZPi_4jHqjkxuUAhsgMvlpwXee4vQdg9gjmdiQ_QkIWxGu2vzHypdUKxz3m0fuujVMQZhHUXBiPqzFbfqrTONlhe7-FYJGMMg
Date: Sun, 11 Dec 2022 04:43:38 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B1A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPzGeaSPsivLwoJTJDXxQgs&google_cver=1&google_push=ASkJ3FZWmeMZtF_noaO41eJcj1xlMASSYMxn3scGfmrcJ-yAf5VLdWAfTVbHckYeMjRvvh6s-xEoQ4xSCQAlKoS7neFaoPf...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZWmeMZtF_noaO41eJcj1xlMASSYMxn3scGfmrcJ-yAf5VLdWAfTVbHckYeMjRvvh6s-xEoQ4xSCQAlKoS7neFaoPf2ZAJknV4&google_hm=eS1IV003UUxaRTJwRTA...

170 B
188 B

55ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZWmeMZtF_noaO41eJcj1xlMASSYMxn3scGfmrcJ-yAf5VLdWAfTVbHckYeMjRvvh6s-xEoQ4xSCQAlKoS7neFaoPf2ZAJknV4&google_hm=eS1IV003UUxaRTJwRTA1QWU3SUtPOHhPQzBZMEs2TUx5Ln5B

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 11 Dec 2022 04:43:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZWmeMZtF_noaO41eJcj1xlMASSYMxn3scGfmrcJ-yAf5VLdWAfTVbHckYeMjRvvh6s-xEoQ4xSCQAlKoS7neFaoPf2ZAJknV4&google_hm=eS1IV003UUxaRTJwRTA1QWU3SUtPOHhPQzBZMEs2TUx5Ln5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B1A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGCBkO2qJVKWNdl7Ib1y4_M&google_cver=1&google_push=ASkJ3FbZjxo0E1Tf4IJD8GagFy92G4_IG9v7WM32wGc3KpQuCM_jfNShSKcgmtR_QGjsmYB3ONV...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJJVlMwWUEtQi0yNzUz&google_push=ASkJ3FbZjxo0E1Tf4IJD8GagFy92G4_IG9v7WM32wGc3KpQuCM_jfNShSKcgmtR_QGjsmYB3ONVOQxHR5dinuu6YQ4zvkaYuw8z3j8s

170 B
188 B

54ms
53ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJJVlMwWUEtQi0yNzUz&google_push=ASkJ3FbZjxo0E1Tf4IJD8GagFy92G4_IG9v7WM32wGc3KpQuCM_jfNShSKcgmtR_QGjsmYB3ONVOQxHR5dinuu6YQ4zvkaYuw8z3j8s

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJJVlMwWUEtQi0yNzUz&google_push=ASkJ3FbZjxo0E1Tf4IJD8GagFy92G4_IG9v7WM32wGc3KpQuCM_jfNShSKcgmtR_QGjsmYB3ONVOQxHR5dinuu6YQ4zvkaYuw8z3j8s
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3B1A 0
12 B 52ms
51ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJHj4E_jjTYNw2yroAjIwEty32Hamyfv5h0qlm_dMCUqfpnBWuopLulAf39ewzPTUk9aQY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08FC 0
20 B 82ms
82ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpitQ-V-VY6DUDLGV9u8PlOqEwAwAAAAAOAHgBAI&bg=!MjGlMXXNAAYgquz3AKo7ACkAdvg8WhyV47owN4vN8tOi_4e9XbWfpJqeS7N_nqPEUYrt5_OTdVN0_AIAAAEmUgAAAAJoAQcKAG96n1ZprsbG4X46-Ck-80bomqAx1wZwkMCqB6ASBJaizvOD2BibSqxdbxUpWz5xuciC6-8ob8rBSHrJBThpeqvRGJ7V6-B1WhiGT6q-B-3DCvF9KLaDvY6lW-ZK1dfrWewfDYW2B86515AE8rdd8emZAvHYRxlaBvdd_K99JNvSHZgS2-j_R18DMMkyAVChFnnU5ZcH0JAaTju2bdc4RtotFvWWl2_4Ff_cWwCeNIScuI_nKm9k7l9XdwtY4oJExTLLVAaUnS6csVUxclU6WclXCo-N3SoTwl2Oj9jaaFJCTb43q1X-bPJO4sf6WGNv0Xxadr5_k2YjHPqOx_EHQ-AipnqqJVhps5EHaU3bBWTdPSvPl9eG2KXyh1JJk0VzeZXKGQd6MnWzLTe86aToiJrCLj_mfdGHJYreKKB4sOjPcUDkX2KWm66uD3RTiF37jOJqm3W1yYk7kBvIRDk3jFcWUnu08j8j1g9WPhBWKTUkc5j19RQUsg6Ss6xMOcVLJhoiikaQaOEa8c3j319N-k1aFesPH-YRpJ9FAk0qtAKApCAA7mXUbOr-tLRsCmqQqPQOHk0n3N5YYa-EE_rPE6q2K-Uqz4AQ3d40r5oQYW-qIFA95v-l2fJm6FcucbNV2DBQOXqE4xS4ltQwOMBkbZzNwn4iYOoldcUIHHc1OZb4hc7yanFQIrV9go_ICZnK2QKr-TjIWJAR3vM-TMo6osc2YpT4zBtV4JaScjhLFt5pQZ99nMUvyie1wvlxqEMB5O5_xT_qYooXylbSaMytqukmciFlYQjj7Ka8HUBzMmeVbD_2bSr4w1P1MVRBMjdNezFSyeXxfSKiO99Pc5vciEC8vAuUaym3rD0ELTiTvyU5VbtDPli9umLUwKRTUSRNvTcGs6Ys-PnHYm9jn8O90rnZ3BUr2rjgYIOFAYorMwKMgMrbko8g6b6BVJ6qGl4Oi4vguWJrvwy5-alLNgPnW0Wupf5P-3sOljdjHYzzS6ML-8uUG7w8URy36g1t-f938Ss84QzzLxhK6DBWuv8Qj4Yk6LefOhpRF4YzJN8P7duhzfpzatcQfLu7n-W_sNNei028TxQEMIRHAkJwJli49WA-GaV7Dwu0TqX1mqzkawB2ZvlcLEJoLEr79Xcsor8yptwjPXQ

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 config.js Show response
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/config/ Frame B337 945 B
592 B 54ms
53ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/config/config.js?r=0.6297471108814829

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5888f0625319d6fadde7446e7784b96595644ce26ceaebb6ca17172a56ba9d2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 564
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Dec 2023 04:43:38 GMT

GET
H3 200 chevron.png
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/images/ Frame B337 190 B
217 B 44ms
44ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/images/chevron.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:40:35 GMT
x-content-type-options: nosniff
age: 313383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 13:40:35 GMT

GET
H3 200 aldine_light.woff2
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/fonts/ Frame B337 24 KB
24 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/fonts/aldine_light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/styles/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 03:54:34 GMT
x-content-type-options: nosniff
age: 175744
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24316
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 03:54:34 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 6A20 41 KB
15 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 10:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:02:17 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-aigzrnsr.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702269818/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6A20
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702269818/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r5---sn-aigzrnsr.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702269818/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

208ms
33ms

Fetch
video/mp4

2a00:1450:4009:17::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-aigzrnsr.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702269818/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5855F7BC1F831593745738A33A59D14547BD6023.15B36EB2408B832167360613242FF050AD803CE1/key/cms1/cms_redirect/yes/mh/wz/mip/2001:ac8:21:e::6/mm/42/mn/sn-aigzrnsr/ms/onc/mt/1670733646/mv/m/mvi/5/pl/48/file/file.mp4

Requested by

Host: vchys.com.ua
URL: http://vchys.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4009:17::a London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 04:43:38 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4022241
Last-Modified: Wed, 20 Jul 2022 09:30:26 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 11 Dec 2022 04:43:38 GMT

Redirect headers

date: Sun, 11 Dec 2022 04:43:38 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 646
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r5---sn-aigzrnsr.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702269818/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5855F7BC1F831593745738A33A59D14547BD6023.15B36EB2408B832167360613242FF050AD803CE1/key/cms1/cms_redirect/yes/mh/wz/mip/2001:ac8:21:e::6/mm/42/mn/sn-aigzrnsr/ms/onc/mt/1670733646/mv/m/mvi/5/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 familyGuitarSuitcase-tier1-360x300.jpg
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/images/ Frame B337 29 KB
29 KB 45ms
44ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/images/familyGuitarSuitcase-tier1-360x300.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

316e24302c38c44ef5b2e9706375cecdb9cf8ba0aea446534c7245613f43de50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:40:36 GMT
x-content-type-options: nosniff
age: 313382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29532
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 13:40:36 GMT

GET
H3 200 connector.png
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/images/ Frame B337 74 KB
74 KB 51ms
50ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/images/connector.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:40:36 GMT
x-content-type-options: nosniff
age: 313382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76141
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 13:40:36 GMT

GET
H3 200 aldine_light_italic.woff2
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/fonts/ Frame B337 26 KB
26 KB 47ms
47ms Font
font/woff2 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/fonts/aldine_light_italic.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/styles/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:40:36 GMT
x-content-type-options: nosniff
age: 313382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26720
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 13:40:36 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame D6FA 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 23:13:48 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame A602 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 23:13:48 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame B550 23 KB
9 KB 46ms
45ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 461038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 20:39:40 GMT
expires: Tue, 05 Dec 2023 20:39:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 404 hotel_names.json Show response
s0.2mdn.net/json/ Frame B337 43 B
62 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/json/hotel_names.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/scripts/custom.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:30:17 GMT
x-content-type-options: nosniff
server: sffe
age: 801
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sun, 11 Dec 2022 04:45:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 182ms
92ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

526d07f959e6138027dcd27e172f4482236c2e41c5121d501e7ec95f19817d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11146
x-xss-protection: 0

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/images/ Frame B337 2 KB
2 KB 47ms
46ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

153d6542dae5652359907e7fd4b060afd3e648cc10f0cf1c1f866d0c69f7e3ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:40:36 GMT
x-content-type-options: nosniff
age: 313382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 13:40:36 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame B550 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B550 0
20 B 82ms
81ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BPCYy-l-VY8mdGZDH1wai256ABQAAAAA4AeAEAg&bg=!9Pel97PNAAYgquz3AKo7ACkAdvg8Wt28IpDGLSlVVx3ARnTF2iTtf2yAqr3nL6KqrvSmKhJSIna3VgIAAAA_UgAAAAJoAQcKADBxI4QqLGOf2sAWyhKmpzCOKE7rb3yMB2-LwGtT1mJBm-9v8PyXVu90XKFQWFgWEV2ZAu-jPRVzuyj9k3GepOpWADPz5pJmMF4vRqS0uESstfGom27Q1-GbTXdTalksQFWOR_7xyxHm-3NJ8HDKRMctWT-YIiPNiL7hxOyprBTcOh_nAY4fTjd3yt9ANl-K_3CxTfaABZnP4YNAPVXQ45r7-DG6UKfk3_8ao_mZ3m03zFS_Np9MCaAWb4t3An64exuV1LD6_-smD46nJPO-MBzzDRo3nwkiODUwRSUzffmJttwk7llVpP17K5N41eI3cKq2K_ILg2DmM8RjVZm2DZP5uJFrtScAVEx0ohIBgswIaOPpYEnTXO-zCa06-lM8oIlqFl5asiuFb_7QH9RVSR0DElmcaUDtgN8zqgq4rUQ15Fm5JGMXdak_hhoG0WJ43oF4h5eeayn784Rn6pGM6uTN9qP0Uh34j3X2xSg1vZQmn8ezp9qV7n6M0D6H9CGSLo89ESOFNl5xwPZjd5y6QC5Rmm1t-fgsrKyxLFc4zho4Dp6c41emi5WEhuKBKkYQfbupiiytIQ0-OsEKL8bDf0G-XYM_ntEyIWsMkc1hQpv4u0ExD8x7ADqaSA0gQgSoZd9fOcPrxdgBwqJ9NuYc5CBSI877_KyTtB0-EgiftODVqTLzJjgDbds_4CNxIAR9E09zp5dFNtoa42YUa1F_iUiMB6x8XgjjDMEdDntjNhpu5-LeWp8dvYxsGssFfmwYlsESItlPDBkioEeTU0PI1oyQc3Aj4WPJjBI7iVZkKHjeCaHpGNMjec9nEUyIknsHWpjNwkNjQ4uYbcmo7xS_IRAbYlQslxGOYgd9B45gVMb-3h7z-O224ZOu33fWmC1hzLnpVlW_H50W9FcruUaV1O3EnSveiYijojNFrKw84FlNDTrFg_fgFaUyZRpRLaO1KcCCko3dS7liAvGzg5QTBDgBnYsQJ_0DfA4f0BfBaCJfKhIpYi9jIQUhwB-LUqVZQyQNthK3rZWIrVPBtVgMnGYWiJUvaLnzPljpVWZSHvBCl4OT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r5---sn-aigzrnsr.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702269818/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6A20 132 KB
0 71ms
33ms Media
video/mp4 2a00:1450:4009:17::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:17::a London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 11 Dec 2022 04:43:38 GMT
date: Sun, 11 Dec 2022 04:43:38 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4022240/4022241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4022241
last-modified: Wed, 20 Jul 2022 09:30:26 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 04:43:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A0F 13 KB
5 KB 45ms
45ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 22465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 22:29:13 GMT
expires: Sun, 10 Dec 2023 22:29:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D015 783 B
533 B 53ms
53ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b9ea0977d3dc759a0750d1ef170c410ef12acb686da131cad9be18e2dfc58ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T-dsecX6UdBprBEC2qbukg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vchys.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-T-dsecX6UdBprBEC2qbukg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 04:43:38 GMT
expires: Sun, 11 Dec 2022 04:43:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A0F 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 23:13:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 79EA 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVNZADhqO-uAF4yQrwbGDY1qlYDLhU8qP1Lr8pyQaWSdP_04Qx4Rtd9XyPRmFgScU0fX2UjTkFhRk41hP5suWlV6JKHp5RfMEnArIG_gKAHEOfcHnNWgQFXR4kO40lkoR1BfTtnw&sai=AMfl-YRiVpl4MzUg9Lsribjq75jAHI2Faeh8U-Kl_LeHdiK2VBOmqnFFipolgf6ejOIAvNcCEOMYcGs7X7s2RhI&sig=Cg0ArKJSzBIDxbHy8OdvEAE&cid=CAQSGwDq26N9dSMlwO8NBO5IChfyJdH_-1XCSjrIBBgBIBM&id=lidar2&mcvt=1006&p=0,0,90,728&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2905109319&rs=2&la=0&cr=0&vs=4&r=v&rst=1670733817081&rpt=925&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D015 0
0 78ms
78ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=3702664462101001&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3A0F 0
12 B 45ms
45ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9q1zsQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 04:43:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F421 42 B
64 B 82ms
81ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5WpXbbpH3mIzlMAwjzfKbLf-c8LpiIez0Z8gfHNYsicyb8w5E-XY1B-5oKgfaQX9uUK0ssd59wgcxSvHk6CZLrK8mK0ba7O5XHTHjXJN1Kfgz3zW1zOVZcbsD&sai=AMfl-YT3STcvhaVsUO-SAAC24sVmVkdgqLzSKeyAYiE7Hv5mhN9uMCFIdvEqfsm61N1RDNM85MbbQvLrPzN-Cxo&sig=Cg0ArKJSzILpG_OOKGHVEAE&cid=CAQSGwDq26N9npVgTzxEV4SO_Ma0FsxMJEHviTAxPxgBIBM&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=668,1002,1002,1002,1002&tos=668,334,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1670733817813&rpt=566&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6A20 0
54 B 598ms
296ms Ping
image/gif 2404:6800:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lbivs0py&c=5683280468762&slotId=2841640234381&qqid=CN-0wb3g8PsCFbGK_QcdFDUByA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=876&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D91 42 B
64 B 82ms
81ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuDp5JZtIerPi36k2hGPIZpPa_0lRwJCXNwWVMVsOaUtELNCyuD3gH0gYfUiB6dbXk5faR7tdGpr_6SC8TLhWXPS7IHPHFLJbgjAqlwI9q8a4ShAfYK6jG8D_kT1dtSMxkC43YMc5b2i4pNgk3ZenJBmgo1e9uUTOQgDBHGS-rxqWhvUXWgNZfnaSWankF7w&sai=AMfl-YRfB8aFjtpm1NaRXru7Xzq6IT7Qn-nnCquKSapPtXq82IjE5atRJt1b03xGDuyl362GNGVW-GNQvrpLvtw&sig=Cg0ArKJSzDSwlEaa9D6zEAE&cid=CAQSGwDq26N9vKwdYoQ6888wem5i1U44crIMUc7xZRgBIBM&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3245228110&rs=2&la=0&cr=0&vs=4&r=v&rst=1670733817500&rpt=1078&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Dec 2022 04:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
82ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=3702664462101001&bg=!dXaldjLNAAYgquz3AKo7ACkAdvg8WssCno8gygwkg2-QWejLpNvveknbUa0ASWQG6oIOODmQSQq_egIAAABPUgAAAAloAQcKAPUFbVaCOTVuUaQ67jPJTCPCtEDBN2spgo9nQcehRi_7jpDllsthBLmmdK5c2OB1sxwuJd0tcE0tk3k5oQEZVbSBdTNfFVQhdACPdQg0PspEHs0Z7rs9bsiOm8Wvti3sd7YVZVICYRYyt8uXkjxbRHbJaEEQszTtUnu_OmhtKm4CLrXvdexVZ4nPNrjGhwKdWNC_pNL5-ZYUH_OTOLhxkrh3EZKm3NZz63yIxB3vprFFIWhJYaekA03JAXTq8Ple0g8lN2OtT2EFSa6mGVI4O6JDiUUfvVrpNd92mXwsTkXdzx6Smag6dbz8UpZefNw7vV6Z9o1ZrJkClnYWz1-O57Qa8uEDcvkTN067V7x8COd1bS7xsZK_rrKBDansslI2h24ijMRFwoBMtAr9hgx07jzYXUYkdMY7Cb46hGuaO2M-aW9APCnL87gwxjJZE5CEBn32-4p_vHRJhh2eKmGFQ01McHD6qrvuFBdFH1UXwGxRsUnrYHx8o05xSNfHbHybeK5j0mowuks6DxwE7Y1UKP9gXl0oXIfDzhBENm-g5LeKHgcENX3iRbaC7WBatva4Rek0ZeW8kYA4EKgOx8YbHd4_KJMxAkcxuwwx9byYk9Qu1h0v3iDeBtv9sUZsvFIm8Hu0UqkYlVr3r9Lg56eioc9YHzEb6Zdol7BsYXLxwjqQmJJjoqI_yh59x0CsS-aQfnaT9Akxs5b4INcz9K1mdmOvMDivliXLCeHBGFiFSjZWLaPAd9LLiS-y_RYXSQeubtboLzVTPpLqEXX0p-8mX38L0aszLVD6UA29NLFyy64aBbMfr5IKyDQhPPA_emLNN3lmfrzb7MijPLfK0VaeKBmjlCWqHKTm7-Wv7pPfqKuH3OtCm3hodhe3J3iUhIfJUyhDBU094nunDENqcuH2X3jHlrZlxOW8m6Nc6AYd69L7vx_wP9uGJElXr38aRH1BQdm1TSd-i3vCliwqIkD_W-cT0EU1h-QLLomFnet9cfVR3ne53a9DyTi-fLLP6S2-8KhRwnZRPsVcx_XuYmxc1Rq_M1J-4YD3ckx5KBZUAxJ3MrPVDSjjpAvtfak2DpR_X7Gutx_S6lttFJIHmZmFbZe7HCfPBAuQnJe0H35Xgmszkl4RlFpoc9lyS5L00VLEQ8LOO1De-Ids5wJK3E8F3tVz_DftLfFC5qZC0HHninmrj7dPTBumGlHoRoCp0VM3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://vchys.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 8901 0
210 B 139ms
47ms Ping
text/plain 213.254.244.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=6ef4a47fce3d4f7a975ce1b52ed014e8&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=303&eoid=14&msrjs=3317&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=179&tetms=7&msltms=100&vltms=303&sei=290&vetms=4&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=37&isumms=36&nvr=6&isgmmims=37&isgmv4mims=37&elmtp=1&isbxdms=2336&b0=100&b11=2379&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2479&sftb=2479&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1039&isuiabvms=1039&isgmpims=157&isgmv4dpims=1039&ispmxpms=1039&iscvmvms=1039&engalms=35&engscrlms=157&dvp_pageEng=true&dvp_dpr=1&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=2&metp=2&meeid=1&ttfurm=3334&cbust=1670733821502753
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3317.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 11 Dec 2022 04:43:42 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 12/10/2022 04:43:41

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/brand.css

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vchys.com.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: db089a2f7f854f3839962fa6e8b870ae
.yadro.ru/	1970-01-20 16:50:42	Name: FTID Value: 1ZbL_v3laHuS1ZbL_v001T5r
.vchys.com.ua/	1970-01-20 17:27:09	Name: __gads Value: ID=6ea1ae050a956ea9-2229523addd90006:T=1670733817:RT=1670733817:S=ALNI_MZn0kxkcPbctTKWfR4a4l0dCLJu9g
.vchys.com.ua/	1970-01-20 17:27:09	Name: __gpi Value: UID=000008cfe549fe30:T=1670733817:RT=1670733817:S=ALNI_MZg5VvVO9fbZuQx91HHdrYAVAdrbg
.yadro.ru/	1970-01-20 16:50:42	Name: VID Value: 38SqbK2rqQeS1ZbL_v0018Hj
.dominantroute.com/	1970-01-20 17:41:33	Name: uuid Value: 16707334883649750123
.vchys.com.ua/	1970-01-20 08:06:17	Name: u_count Value: %5B0%2C0%5D
.doubleclick.net/	1970-01-20 17:27:09	Name: IDE Value: AHWqTUnJvL-GWfoCh2CBB7cH00nep5zqEKBa-5z1rfDTVml3uXYeY8TIf3IGDLKB5Po
.adnxs.com/	1970-01-20 10:15:09	Name: uuid2 Value: 445686691411403955
.casalemedia.com/	1970-01-20 10:15:09	Name: CMPS Value: 2199
.casalemedia.com/	1970-01-20 10:15:09	Name: CMPRO Value: 2199
.adnxs.com/	1970-01-20 10:15:09	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In6x2QZT!]tbPl1M>e)ZlrFUfJ+tGXxo@<w=qCLx!E)J-wpNVFc<8cO92NYZS+6A9Lj_3If)y3KL9D3I?+fd'xbf
.casalemedia.com/	1970-01-20 16:51:09	Name: CMID Value: Y5Vf.jEtaJxmLMTRQ6COCwAA
.casalemedia.com/	1970-01-20 10:15:09	Name: CMTS Value: 5152
.blismedia.com/	1970-01-20 16:51:13	Name: b Value: 63955FFA8B51ED8AC2EF558EBLIS
.adfarm1.adition.com/	1970-01-20 10:15:09	Name: UserID1 Value: 7175747108639406222
.turn.com/	1970-01-20 12:24:45	Name: uid Value: 4155382739526492712
.bidswitch.net/	1970-01-20 16:51:09	Name: tuuid Value: 6a891f8e-074c-464a-87b2-5e3e78b1e5c8
.bidswitch.net/	1970-01-20 16:51:09	Name: c Value: 1670733818
.bidswitch.net/	1970-01-20 16:51:09	Name: tuuid_lu Value: 1670733818
.w55c.net/	1970-01-20 17:35:48	Name: wfivefivec Value: sJ85fa0M1P4ebE5
.yahoo.com/	1970-01-20 16:51:31	Name: A3 Value: d=AQABBPpflWMCEJ0rhSy-Iyh1CtUux2onBbMFEgEBAQGxlmOfYwAAAAAA_eMAAA&S=AQAAAqWOWx_6t9KruKddjSGawag
.w55c.net/	1970-01-20 08:48:45	Name: matchgoogle Value: 5
.creative-serving.com/	1970-01-20 17:27:09	Name: tuuid Value: d6816471-faa6-460d-84f5-85a6437745bf
.creative-serving.com/	1970-01-20 17:27:09	Name: c Value: 1670733818
.creative-serving.com/	1970-01-20 17:27:09	Name: tuuid_lu Value: 1670733818
.mathtag.com/	1970-01-20 17:31:29	Name: uuid Value: 317e6395-5ffb-4000-a9cf-edb083a93863
.mathtag.com/	1970-01-20 08:48:45	Name: mt_mop Value: 4:1670733819

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://vchys.com.ua/templates/Vchys/css/# Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=353276832;a.a=544407160;cache=2993712033; Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/index.html Message: Refused to apply style from 'https://s0.2mdn.net/sadbundle/17994806890838827935/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_-UxLXQ/brand.css' because its MIME type ('image/gif') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://s0.2mdn.net/json/hotel_names.json Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.atdmt.com
ad.doubleclick.net
ad.turn.com
ads.creative-serving.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
bid.g.doubleclick.net
cdn.doubleverify.com
clients1.google.com
cm.g.doubleclick.net
counter.yadro.ru
cse.google.com
csi.gstatic.com
dclk-match.dotomi.com
dominantroute.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
r5---sn-aigzrnsr.c.2mdn.net
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
tr.blismedia.com
vchys.com.ua
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
s0.2mdn.net
103.229.206.241
136.243.155.228
142.250.184.226
142.250.185.198
172.217.16.130
18.158.120.155
185.80.39.216
193.200.64.20
2001:678:cb4:bbbb::11
213.254.244.112
23.3.109.122
2404:6800:400a:80a::2003
2600:9000:223f:d200:1b:5138:8a40:93a1
2a00:1450:4001:803::2001
2a00:1450:4001:806::2003
2a00:1450:4001:809::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4009:17::a
2a02:26f0:3400::170b:cea2
2a02:fa8:8806:13::1370
2a03:2880:f080:a:face:b00c:0:8c
2a05:d018:d29:3601:9d99:f3a9:72e4:c4e6
3.122.156.110
34.96.105.8
35.157.140.187
35.186.253.211
37.252.171.21
52.223.40.198
66.102.1.154
69.173.144.165
85.114.159.118
88.212.201.198
98.98.134.243
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0368c51ee0901e3ae2569a661f8b4d4e8f4ecdfab2508d7b3f0123ddef5ac3b9
0817ca0b440a99aee3486e44c51d9610e03116464e27759f4087761ac6dd40db
08ab8ac80ffa7a9594e20fa830a394fb4c0cd0ecd9886c1a6bf39c08236f8b85
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea67b9a3f6abf27433c6b4404e9aee6db762784fd66c3420516668e87b3d4d2
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
153d6542dae5652359907e7fd4b060afd3e648cc10f0cf1c1f866d0c69f7e3ea
1625a7121dceb87b03bd71920c9017eebe1e36f92db77c25b99bc88fcdd5584a
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
1955e35543309ca044a7071e173a7953ce9c0abf99ca51442dc81fdf20a262f0
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9
1b925cd36e4d7035c4443ff5ce5f8baa93e6b2cf7c9492791276783453c2aa87
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2c1ec83b19a9a9c2648e2d7b2162c1c7cb6cbeeb9341bdc56bed0691d19f7f7d
2f8d2146bbcb6552c686ea04d4bc2bd5791c8d4c796c73d91241b01792620eda
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316e24302c38c44ef5b2e9706375cecdb9cf8ba0aea446534c7245613f43de50
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
33ae362801df6760d197feb6424b31cd4a3c0f04cb5c390e3f5fb9cec197b765
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
378c520dce7ff876c9b301630fabc4544730cf62aefa4e385d696e2635611069
3840f7e1a850174d972123f9177d4c3fe4136f6ef85d7dfd9d021934ffcdd6b0
39d27420dbf428a92a85c8b6051ed58dfdf45ae14c5632595f65ed72a6b46ca3
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
43f8d735dfa2d95444c3fe510c63d222b355d271c1d1dd66347323bcedb69129
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5073a2af4e54a5446f976ec70c965f7268502d087441aec6e50939cd05cec2d2
526d07f959e6138027dcd27e172f4482236c2e41c5121d501e7ec95f19817d89
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55661bab37ea39b78f435124e89f3ce2901d2ad2548c7016ae89c2d14efb208c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6
5888f0625319d6fadde7446e7784b96595644ce26ceaebb6ca17172a56ba9d2c
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
648b8d13898649b9dd354994524dce679b7dbd66d869ea64aea4ea6380c7e8a2
66dcc3803f97778013d44951dd9583f33d38299034d1bf9d461f579b126caa7f
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a7bded8a179b31d2795703f0fb8c7e7b46a8f427789d1bb11eec24dfddb4da2
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6ec5e1101ea00048a692f3a4baa491dac4e16ec88d52e6f3a4fd17f47eac44c2
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
714af8a42c52314c6b001daa7232340957c3bee0ecd1348fa3ecdaf67ce72682
736fb641f5fababcf00f66eb53ef4bdff641a632bcea9a3d254b0b36e6271543
74582baac2f4399283844f099e127cba15a183c2e887147a3af7ed2c49b95c58
7694385b81ddc4f2410152f4120172677335aaf07b0213a1d82172a9d389afa1
7701227f533e90a8ae535cf5a68e294809b1c07db8f14c9bc5b2b80b12f85ec6
7753657361b802b159fc0bdb146186b65cadc5785a257b494ca22b05b9528e58
777ec012383b9e1abb2a0c13dc3d67f832ede7261b7479b9c2f669c26c1c3548
7b9ea0977d3dc759a0750d1ef170c410ef12acb686da131cad9be18e2dfc58ed
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
864115f93054093e973a577effacab8fef3303a62f9ebbd3a09008f680b5df73
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8b9d189ee42d3345adcb082b1f8e51a1ba07c48f903cbf2106891274dcf01b18
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93820037c52e7ddaf7048a16042082e47becb24a191cc1716fa1c18719fc4c8f
93c42da1bb50f07b79321a02d58ba029a7a6acfb73a02fd3bb536fbc395fcd17
977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a2c81932873500bc113572e5b7212e9e473b1e8c0f10499e8092a55937df050
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bf15c219c564c48e8306f34c0243e7ef0fba5f85ddaf2f7c2ca044b3279cccc
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2fc0b7634ad909fbbf3a26e5ee6b34c8baedf354649863c5935ddfad9a19e1f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
af1a45f830aed8f072a2ed0e9a1dd4aea40391d1eb8a33c39181b5c05bed53bc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b94f4ea14a22b6dce298e06f5cb378dc8b6c450ee389306815063f5b18d09aeb
baa65d81f48c211672e20e98cf0d7add2ee8d6e5484155afa46a02c1a63cf606
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2d49c918e4a892ed49c6e1b742c1c4e6c3af1ff1aa8ed5bc71371f5aef005c7
c7c3b30067a4397a1a5748329a4aca793f5b43a0058408c8a38cdff4d46c7c61
ca494a98201b7950c5bd649ffedc27d373f5e5b33033815775b22ed5ae224099
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4e57e0515b5cbcf77a8f9df4888d5d88f4858437b4335f500166fa8891a5e99
d75d0791b92689369d15650ee74fd6b830252eb010653957237c62401edd8da7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc196f8a908960ed2108371fc671938181c14d38b87ef2eb047147d543888cf5
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5c588f226524a4a9028d3ec049db4604d5443cbde21e56913d55f5bf5923573
e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f60910a38fcb438b5460bda5991494c4ff8e516ac29aebafb9d299df2b629f78
fd4d2a365a8dad1a06d041101943c79d4e6c55791fe35e88b64a53b8835a7395

vchys.com.ua Open in urlscan Pro 136.243.155.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

187 Requests

80 %HTTPS

51 %IPv6

31 Domains

48 Subdomains

35 IPs

9 Countries

2700 kBTransfer

6993 kBSize

28 Cookies

1 Outgoing links

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

vchys.com.ua Open in urlscan Pro
136.243.155.228 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

80 %
HTTPS

51 %
IPv6

31
Domains

48
Subdomains

35
IPs

9
Countries

2700 kB
Transfer

6993 kB
Size

28
Cookies

187 HTTP transactions
11 data transactions